[High-Risk Security Advisory] Multiple Microsoft Vulnerabilities in July

admin, July 13, 2022, 21:38:58



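The Safedog Emergency Response Center observed that Microsoft has released its routine security update bulletin for July 2022, covering 84 vulnerabilities, 4 of which are rated Critical. The release includes security updates for Microsoft Windows, Windows Components, Microsoft Defender for Endpoint, Office and Office Components, Windows BitLocker, Windows Hyper-V, and other software.


Safedog recommends that all users promptly carry out an asset self-check and remediate the vulnerabilities.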



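Vulnerability Description


The following vulnerabilities are flagged as the more severe ones:

CVE-2022-22047 (Windows CSRSS Elevation of Privilege Vulnerability):

The vulnerability resides in the Client/Server Runtime Subsystem (CSRSS) and allows an authenticated local attacker to execute code as SYSTEM. It has been exploited in the wild.


CVE-2022-30221 (Windows Graphics Component Remote Code Execution Vulnerability):

An attacker must lure the target user into connecting to a malicious RDP server. Once connected, the malicious server can execute code on the victim's system. Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1 are affected only if RDP 8.0 or RDP 8.1 is installed; systems running Windows 7 SP1 or Windows Server 2008 R2 SP1 without these RDP versions are not affected.


CVE-2022-22029 (Windows Network File System Remote Code Execution Vulnerability):

This vulnerability allows an unauthenticated remote attacker, without user interaction, to execute arbitrary code on the target system by sending specially crafted requests to the target NFS server. Exploitation takes time: the attacker has to keep making exploitation attempts by sending constant or intermittent data until the vulnerability is triggered.


CVE-2022-22038 (Remote Procedure Call Runtime Remote Code Execution Vulnerability):

The vulnerability resides in the Microsoft Remote Procedure Call Runtime. An unauthenticated remote attacker can exploit it by sending specially crafted data to the target system, resulting in arbitrary code execution on that system. Successful exploitation requires repeated attempts by sending constant or intermittent data, and the attack complexity is rated "High".


CVE-2022-22039 (Windows Network File System Remote Code Execution Vulnerability):

Successful exploitation requires winning a race condition. An unauthenticated, specially crafted call to the Network File System (NFS) service can trigger remote code execution (RCE); the vulnerability is remotely exploitable.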



Advisory Information


Vulnerability name

Multiple Microsoft vulnerabilities in July

Affected versions

CVE-2022-22047:

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows RT 8.1

Windows 8.1 for x64-based systems

Windows 8.1 for 32-bit systems

Windows 7 for x64-based Systems Service Pack 1

Windows 7 for 32-bit Systems Service Pack 1

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 for ARM64-based Systems

Windows 11 for x64-based Systems

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems


CVE-2022-30221:

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows RT 8.1

Windows 8.1 for x64-based systems

Windows 8.1 for 32-bit systems

Windows 7 for x64-based Systems Service Pack 1

Windows 7 for 32-bit Systems Service Pack 1

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 for ARM64-based Systems

Windows 11 for x64-based Systems

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Remote Desktop client for Windows Desktop

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems


CVE-2022-22029:

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows Server, version 20H2 (Server Core Installation)

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019


CVE-2022-22038:

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows RT 8.1

Windows 8.1 for x64-based systems

Windows 8.1 for 32-bit systems

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 for ARM64-based Systems

Windows 11 for x64-based Systems

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems


CVE-2022-22039:

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows Server, version 20H2 (Server Core Installation)

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

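Severity

High

Has the vendor released a patch

Update address

https://msrc.microsoft.com/update-guide/releaseNote/2022-Jul

Safedog advisory issue number (cumulative)

236

Safedog advisory release date

2022-07-13

Safedog advisory update date

2022-07-13

Publisher

Safedog Haiqing Lab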
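
The affected-version lists and preconditions above, expressed as a triage function for the asset self-check this advisory recommends. This is an added example, not part of the original advisory: the host fields (`os`, `nfs_server`, `rdp_version`) and the sample inventory are constructed, and treating a host without the NFS server role as out of scope for the two NFS CVEs is an assumption drawn from the description of requests sent to a target NFS server.

```python
import re

# Product families per CVE, condensed from this advisory's affected-version lists
# (architecture, Service Pack and Server Core suffixes removed).
SERVERS = {"Windows Server 2008", "Windows Server 2008 R2", "Windows Server 2012",
           "Windows Server 2012 R2", "Windows Server 2016", "Windows Server 2019",
           "Windows Server 20H2", "Windows Server 2022"}
CLIENTS = {"Windows RT 8.1", "Windows 8.1", "Windows 10", "Windows 11"}
AFFECTED = {
    "CVE-2022-22047": SERVERS | CLIENTS | {"Windows 7"},
    "CVE-2022-30221": (SERVERS | CLIENTS | {"Windows 7", "Remote Desktop client for Windows Desktop"})
                      - {"Windows Server 2008", "Windows Server 2012"},
    "CVE-2022-22029": SERVERS,
    "CVE-2022-22038": (SERVERS | CLIENTS) - {"Windows Server 2008", "Windows Server 2008 R2"},
    "CVE-2022-22039": SERVERS,
}
NFS_CVES = {"CVE-2022-22029", "CVE-2022-22039"}
RDP_GATED = {"Windows 7", "Windows Server 2008 R2"}  # affected only with RDP 8.0/8.1

def family(product):
    """Reduce an MSRC-style product string to the family names used above."""
    p = re.sub(r"\s*\(Server Core installation\)", "", product, flags=re.I)
    p = re.sub(r"\s+for (x64|ARM64|32-bit)(-based)? systems", "", p, flags=re.I)
    p = re.sub(r"\s+Service Pack \d+", "", p, flags=re.I)
    if p.startswith("Windows 10"):
        return "Windows 10"          # all Windows 10 versions appear in the same lists
    return p.replace(", version", "").strip()

def applicable_cves(host):
    """Return the advisory's CVEs that apply to one inventory record."""
    fam, hits = family(host["os"]), []
    for cve, families in AFFECTED.items():
        if fam not in families:
            continue
        # Assumption: no NFS server role means no NFS attack surface; unknown stays flagged.
        if cve in NFS_CVES and not host.get("nfs_server", True):
            continue
        # Advisory: Windows 7 SP1 / Server 2008 R2 SP1 need RDP 8.0 or 8.1 to be affected.
        rdp = host.get("rdp_version")
        if cve == "CVE-2022-30221" and fam in RDP_GATED and rdp is not None and rdp not in ("8.0", "8.1"):
            continue
        hits.append(cve)
    return hits

# Constructed sample inventory (not real hosts).
INVENTORY = [
    {"name": "fs01", "os": "Windows Server 2019 (Server Core installation)", "nfs_server": True},
    {"name": "app02", "os": "Windows Server 2012", "nfs_server": False},
    {"name": "kiosk7", "os": "Windows 7 for x64-based Systems Service Pack 1", "rdp_version": "7.1"},
]
```

Records with a missing `nfs_server` or `rdp_version` field stay flagged, so incomplete inventory data errs toward patching.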



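Official Security Recommendations


Security recommendations

(1) Windows Update

Automatic updates: Microsoft Update is enabled by default. When the system detects an available update, it downloads the update automatically and installs it at the next startup.


(2) Manual update installation

Download the corresponding patches from Microsoft and install them.

July security update download link:

https://msrc.microsoft.com/update-guide/releaseNote/2022-Jul


References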

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30221

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22029

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22038

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22039




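Safedog Product Solutions


For more information about Safedog products, or for related business needs, visit the Safedog website: https://www.safedog.cn/



01

云眼 (Yunyan): new-generation (cloud) host intrusion detection and security management system


Combining an advanced endpoint detection and response (EDR) technology model, an adaptive security architecture, and the application of ATT&CK in Server EDR, Safedog has built a new-generation (cloud) host intrusion monitoring and security management system that addresses host security monitoring and protection in private and hybrid clouds.

02

云网 (Yunwang): (cloud) host vulnerability discovery and patch remediation system


The Safedog Yunwang vulnerability discovery and patch remediation system lets users build their own patch big-data repository for fixing vulnerabilities that could weaken security, corrupt critical system data, or make systems unavailable. Beyond deploying patches, Yunwang can scan for network vulnerabilities, identify missing security patches and fixes, and deploy them immediately to reduce cyberspace risk.



Originally published on the WeChat official account 海青安全研究实验室 (Haiqing Security Research Lab): [High-Risk Security Advisory] Multiple Microsoft Vulnerabilities in July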
