Threat Early-Warning Team
2021/06/08
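On June 9, 2021, the threat early-warning team of the H3C Attack and Defense Lab observed that Microsoft had released its June security updates. The release contains patches for 50 vulnerabilities, mainly covering the following components: the Windows operating system, .NET Core and Visual Studio, the Microsoft DWM Core Library, Microsoft Office, Microsoft Defender, and others. Of the vulnerabilities patched in this release, Microsoft rated 5 as critical and 45 as high-risk.
The H3C Attack and Defense Lab therefore recommends that users promptly review their assets and take preventive measures to avoid being attacked.
Windows MSHTML Platform contains a remote code execution vulnerability. A remote attacker can exploit it by luring a user into opening a specially crafted file or visiting a malicious web page. This vulnerability has been found to be exploited in the wild; users should download the patch from Microsoft's official website and update as soon as possible.
Microsoft Defender contains a remote code execution vulnerability. Exploitation requires authentication; an authenticated remote attacker can exploit it to execute arbitrary code on the target server.
Microsoft's VP9 Video Extensions contain a remote code execution vulnerability. Exploitation requires authentication; an authenticated remote attacker can exploit it to execute arbitrary code on the target server. The vulnerability is fixed in app package version 1.0.41182.0 and later. Users can run the following command in PowerShell to check the installed version: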
Get-AppxPackage -Name Microsoft.VP9VideoExtensions
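The check above can be extended to compare the installed versions against the fixed versions this advisory lists for VP9 Video Extensions (1.0.41182.0) and the Microsoft Malware Protection Engine (1.1.18200.3). The script below is an added example, not part of the original advisory; the function name Get-PatchState and the output fields are illustrative assumptions, while Get-AppxPackage and Get-MpComputerStatus are standard Windows cmdlets.

```powershell
# Added example. Fixed versions are taken from this advisory's affected-versions table.
$Vp9Fixed    = [version]'1.0.41182.0'   # CVE-2021-31967
$EngineFixed = [version]'1.1.18200.3'   # CVE-2021-31985

# Hypothetical helper: classify one component by comparing version numbers.
function Get-PatchState {
    param(
        [string]$Component,
        [string]$Cve,
        [string]$Installed,   # empty string when the component is absent
        [version]$Fixed
    )
    if (-not $Installed) { $state = 'NotInstalled' }
    elseif ([version]$Installed -ge $Fixed) { $state = 'Patched' }
    else { $state = 'Vulnerable' }

    [pscustomobject]@{
        Component = $Component
        CVE       = $Cve
        Installed = $Installed
        Fixed     = $Fixed
        State     = $state
    }
}

# VP9 Video Extensions: if several package entries exist, report the oldest one.
$vp9 = Get-AppxPackage -Name Microsoft.VP9VideoExtensions |
    Sort-Object { [version]$_.Version } |
    Select-Object -First 1

# Malware Protection Engine: the Defender cmdlet may be missing on some SKUs.
$engine = $null
if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
    $engine = (Get-MpComputerStatus -ErrorAction SilentlyContinue).AMEngineVersion
}

@(
    Get-PatchState -Component 'VP9 Video Extensions' -Cve 'CVE-2021-31967' `
        -Installed $vp9.Version -Fixed $Vp9Fixed
    Get-PatchState -Component 'Malware Protection Engine' -Cve 'CVE-2021-31985' `
        -Installed $engine -Fixed $EngineFixed
) | Format-Table -AutoSize
```

Casting to [version] matters here: a plain string comparison would order the dotted version numbers lexically rather than numerically.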
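DWM Core Library contains an elevation of privilege vulnerability. An authenticated attacker can exploit it to escalate privileges. A remote attacker can also exploit it by luring a user into opening a specially crafted file or visiting a malicious web page. The exploitation details of this vulnerability are public and it has been found to be exploited in the wild; users should download the patch from Microsoft's official website and update as soon as possible.
The Windows kernel contains an information disclosure vulnerability. An attacker can exploit it to obtain system information from the affected system. The vulnerability was discovered by Kaspersky security researchers, who found that the PuzzleMaker group had chained it with CVE-2021-31956 to escape the Chrome sandbox and obtain system privileges; users should download the patch from Microsoft's official website and update as soon as possible.
Windows NTFS contains an elevation of privilege vulnerability. An authenticated attacker can exploit it to escalate privileges. A remote attacker can also exploit it by luring a user into opening a specially crafted file or visiting a malicious web page. The vulnerability was discovered by Kaspersky security researchers, who found that the PuzzleMaker group had chained it with CVE-2021-31955 to escape the Chrome sandbox and obtain system privileges; users should download the patch from Microsoft's official website and update as soon as possible.
Microsoft Enhanced Cryptographic Provider contains elevation of privilege vulnerabilities (CVE-2021-31199, CVE-2021-31201). An authenticated attacker can exploit them to escalate privileges. Attackers have been found combining these two vulnerabilities with the Adobe Reader vulnerability CVE-2021-28550, which was fixed last month, exploiting them by luring a user into opening a specially crafted PDF document. Successful exploitation allows arbitrary code execution on the user's machine; users should download the patch from Microsoft's official website and update as soon as possible.
CVE ID | Affected versions |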
CVE-2021-31742 | Windows Server 2012 R2 Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
CVE-2021-31985 | Microsoft Malware Protection Engine < 1.1.18200.3 |
CVE-2021-31967 | VP9 Video Extensions < 1.0.41182.0 |
CVE-2021-33739 | Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems |
CVE-2021-31955 | Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
CVE-2021-31956 CVE-2021-31199 CVE-2021-31201 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
Microsoft has released patches for these vulnerabilities. Users are advised to install them as soon as possible via the following link:
https://msrc.microsoft.com/update-guide/releaseNote/2021-Jun