登录

欢迎user新华三退出

国家 / 地区

  • 产品与解决方案
  • 行业解决方案
  • 服务
  • 支持
  • 合作伙伴
  • 新华三人才研学中心
  • 关于我们
docurl=/cn/Products___Technology/Products/IP_Security/Security_Research/Home/Notice/Notice/202112/1519541_30003_0.htm

微软六月补丁日安全通告

【发布时间:2021-12-30】

威胁预警团队

2021/06/08

1. 漏洞综述

1.1 漏洞背景

2021年06月09日,新华三攻防实验室威胁预警团队监测发现Microsoft官方发布了6月安全更新,此次安全更新共发布了50个漏洞的补丁,主要覆盖了以下组件:Windows操作系统、.NET Core和Visual Studio,Microsoft DWM 核心库,Microsoft Office, Microsoft Defender等。在此次更新的补丁中,有5个被微软标记为严重漏洞,45个被标记为高危漏洞。

对此,新华三攻防实验室建议广大用户及时做好资产自查以及预防工作,以免遭受黑客攻击。

1.2 重点漏洞

CVE-2021-33742 Windows MSHTML Platform远程代码执行漏洞

Windows MSHTML Platform存在远程代码执行漏洞,远程攻击者可以通过诱导用户打开特制的文件或访问恶意网页来利用此漏洞。此漏洞已被发现存在在野利用情况,请广大用户尽快前往微软官网下载补丁进行更新。

CVE-2021-31985 Microsoft Defender 远程代码执行漏洞

Microsoft Defender存在远程代码执行漏洞,该漏洞需要经过身份验证后才能进行利用,经过身份认证后的远程攻击者可以利用此在目标服务器上执行任意代码。

CVE-2021-31967 VP9 Video Extensions 远程代码执行漏洞

微软VP9的视频扩展中存在远程代码执行漏洞,该漏洞需要经过身份验证后才能进行利用,经过身份认证后的远程攻击者可以利用此在目标服务器上执行任意代码。目前该漏洞已在应用程序包版本1.0.41182.0及更高版本中修复,用户可在PowerShell中执行以下命令查看软件版本:

Get-AppxPackage -Name Microsoft.VP9VideoExtensions

CVE-2021-33739 DWM Core Library 权限提升漏洞

DWM Core Library存在权限提升漏洞,经过身份认证的攻击者可以利用此漏洞进行提权操作。远程攻击者还可以通过诱导用户打开特制的文件或访问恶意网页来利用此漏洞。此漏洞的利用细节已公开,且被发现存在在野利用情况,请广大用户尽快前往微软官网下载补丁进行更新。

CVE-2021-31955 Windows Kernel信息泄露漏洞

Windows 内核存在信息泄露漏洞,攻击者可以利用此漏洞从系统中获取系统信息。该漏洞由卡巴斯基安全研究人员发现,且发现已被PuzzleMaker组织将该漏洞与CVE-2021-31956结合进行组合利用,用来逃离Chrome沙箱并获取系统权限,请广大用户尽快前往微软官网下载补丁进行更新。

CVE-2021-31956 Windows NTFS权限提升漏洞

Windows NTFS存在权限提升漏洞,经过身份认证的攻击者可以利用此漏洞进行提权操作。远程攻击者还可以通过诱导用户打开特制的文件或访问恶意网页来利用此漏洞。该漏洞由卡巴斯基安全研究人员发现,且发现已被PuzzleMaker组织将该漏洞与CVE-2021-31955结合进行组合利用,用来逃离Chrome沙箱并获取系统权限,请广大用户尽快前往微软官网下载补丁进行更新。

CVE-2021-31199、CVE-2021-31201 Microsoft Enhanced Cryptographic Provider 权限提升漏洞

Microsoft Enhanced Cryptographic Provider存在权限提升漏洞(CVE-2021-31199、CVE-2021-31201),经过身份认证的攻击者可以利用此漏洞进行提权操作。这两个漏洞已被发现有攻击者将其与上月修复的Adobe Reader漏洞CVE-2021-28550结合使用,通过诱导用户打开特制的PDF文档来利用这些漏洞,成功利用后可在用户机器上执行任意代码,请广大用户尽快前往微软官网下载补丁进行更新。

2. 影响范围

CVE编号

受影响版本

CVE-2021-31742

Windows Server 2012 R2

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows RT 8.1

Windows 8.1 for x64-based systems

Windows 8.1 for 32-bit systems

Windows 7 for x64-based Systems Service Pack 1

Windows 7 for 32-bit Systems Service Pack 1

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows 10 Version 2004 for x64-based Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for 32-bit Systems

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

CVE-2021-31985

Microsoft Malware Protection Engine < 1.1.18200.3

CVE-2021-31967

VP9 Video Extensions < 1.0.41182.0

CVE-2021-33739

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server, version 2004 (Server Core installation)

Windows 10 Version 2004 for x64-based Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for 32-bit Systems

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

CVE-2021-31955

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server, version 2004 (Server Core installation)

Windows 10 Version 2004 for x64-based Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for 32-bit Systems

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

CVE-2021-31956

CVE-2021-31199

CVE-2021-31201

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows RT 8.1

Windows 8.1 for x64-based systems

Windows 8.1 for 32-bit systems

Windows 7 for x64-based Systems Service Pack 1

Windows 7 for 32-bit Systems Service Pack 1

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server, version 2004 (Server Core installation)

Windows 10 Version 2004 for x64-based Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for 32-bit Systems

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

3. 处置方法

3.1官方补丁

目前,微软官方已经发布针对此漏洞的补丁程序,建议用户通过以下链接尽快安装补丁程序:

https://msrc.microsoft.com/update-guide/releaseNote/2021-Jun

新华三官网
联系我们