【高危漏洞预警】Windows SMB 权限提升漏洞(CVE-2025-33073)

漏洞描述:

Windоԝѕ SMB（Sеrｖеr Mеѕѕаɡе Blосk）是一种网络通信协议用于计算机之间共享资源和文件,该漏洞存在于Windоԝѕ SMB中,由于访问控制不当,具有低用户权限的攻击者可以通过添加恶意的DNS记录并强制受害机进行解析来获取域内所有用户的权限,从而达到提权的目的。

影响产品:

1、Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

2、Windows Server 2008 R2 for x64-based Systems Service Pack 1

3、Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

4、Windows Server 2008 for x64-based Systems Service Pack 2

5、Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

6、Windows Server 2008 for 32-bit Systems Service Pack 2

7、Windows Server 2016 (Server Core installation)

8、Windows Server 2016

9、Windows 10 Version 1607 for x64-based Systems

10、Windows 10 Version 1607 for 32-bit Systems

11、Windows Server 2012 R2 (Server Core installation)

12、Windows Server 2012 R2

13、Windows Server 2012 (Server Core installation)

14、Windows Server 2012

15、Windows 10 for x64-based Systems

16、Windows 10 for 32-bit Systems

17、Windows Server 2025

18、Windows 11 Version 24H2 for x64-based Systems

19、Windows 11 Version 24H2 for ARM64-based Systems

20、Windows Server 2022, 23H2 Edition (Server Core installation)

21、Windows 11 Version 23H2 for x64-based Systems

22、Windows 11 Version 23H2 for ARM64-based Systems

23、Windows Server 2025 (Server Core installation)

24、Windows 10 Version 22H2 for 32-bit Systems

25、Windows 10 Version 22H2 for ARM64-based Systems

26、Windows 10 Version 22H2 for x64-based Systems

27、Windows 11 Version 22H2 for x64-based Systems

28、Windows 11 Version 22H2 for ARM64-based Systems

29、Windows 10 Version 21H2 for x64-based Systems

30、Windows 10 Version 21H2 for ARM64-based Systems

31、Windows 10 Version 21H2 for 32-bit Systems

32、Windows Server 2022 (Server Core installation)

33、Windows Server 2022

34、Windows Server 2019 (Server Core installation)

35、Windows Server 2019

36、Windows 10 Version 1809 for x64-based Systems

37、Windows 10 Version 1809 for 32-bit Systems

修复建议:

补丁名称:

2025－06 适用于基于 х64 系统的 Windоԝѕ Sеrｖеr 2008 R2 的安全质量更新 (KB5061036)

公告链接:

https://support.microsoft.com/en-us/topic/june-10-2025-kb5061036-security-only-update-a3c4ac87-369d-4bd3-b42d-410198bf8b0d

文件链接：

https://catalog.update.microsoft.com/Search.aspx?q=KB5061036 

官方已发布安全更新补丁,受影响用户可以到官方下载对应的补丁更新或者手动更新系统 

原文始发于微信公众号（飓风网络安全）：【高危漏洞预警】Windows SMB 权限提升漏洞(CVE-2025-33073)