【漏洞通告】Windows 内核权限提升漏洞（CVE-2023-35359）

Windows内核是Windows操作系统的核心组件，它是操作系统的底层部分，负责管理和协调计算机硬件和软件资源。内核提供了操作系统的基本功能和服务，包括进程管理、内存管理、设备驱动程序、文件系统、网络通信等。

美创第59号实验室监测到Microsoft发布了Windows Server的风险通告，漏洞编号：CVE-2023-35359，漏洞等级：高危。该漏洞存在于Windows 内核中，是一个权限提升漏洞。攻击者可利用该漏洞来欺骗特权进程从不受信任的位置加载配置文件和其他资源，从而导致特权提升。

• Windows Server 2012 R2 (Server Core installation)
• Windows Server 2012 R2
• Windows Server 2012 (Server Core installation)
• Windows Server 2012
• Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
• Windows Server 2008 R2 for x64-based Systems Service Pack 1
• Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
• Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
• Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Server 2016 (Server Core installation)
• Windows Server 2016
• Windows 10 Version 1607 for x64-based Systems
• Windows 10 Version 1607 for 32-bit Systems
• Windows 10 for x64-based Systems
• Windows 10 for 32-bit Systems
• Windows 10 Version 22H2 for 32-bit Systems
• Windows 10 Version 22H2 for ARM64-based Systems
• Windows 10 Version 22H2 for x64-based Systems
• Windows 11 Version 22H2 for x64-based Systems
• Windows 11 Version 22H2 for ARM64-based Systems
• Windows 10 Version 21H2 for x64-based Systems
• Windows 10 Version 21H2 for ARM64-based Systems
• Windows 10 Version 21H2 for 32-bit Systems
• Windows 11 version 21H2 for ARM64-based Systems
• Windows 11 version 21H2 for x64-based Systems
• Windows Server 2022 (Server Core installation)
• Windows Server 2022
• Windows Server 2019 (Server Core installation)
• Windows Server 2019
• Windows 10 Version 1809 for ARM64-based Systems
• Windows 10 Version 1809 for x64-based Systems

• Windows 10 Version 1809 for 32-bit Systems

Windows系统默认启用 Microsoft Update，当检测到可用更新时，将会自动下载更新并在下一次启动时安装。

2.手动安装补丁

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35359