- 产品与解决方案
- 行业解决方案
- 服务
- 支持
- 合作伙伴
- 关于我们
威胁预警团队
2022/02/15
NTLM(NT LAN MANAGER)是一套身份验证和会话安全协议,是 Windows NT 早期版本的标准安全协议。NTLM最初用于DCE/RPC的身份验证和协商(Negotiate),广泛应用于Windows系列产品中。近日,新华三攻防实验室威胁预警团队监测到微软2月通告中披露了一则Windows NTLM权限提升漏洞(CVE-2023-21746),且漏洞利用代码已公开,攻击者利用该漏洞可将普通用户权限提升至SYSTEM权限。
Windows NTLM 在进行身份验证时存在提权漏洞,拥有低权限的恶意攻击者通过强制身份验证获取特权用户的上下文,并在身份认证时交换代表上下文的Reserved字段,成功利用此漏洞可获取SYSTEM权限。
· Windows Server 2012 R2
· Windows RT 8.1
· Windows 8.1 for x64-based systems
· Windows 8.1 for 32-bit systems
· Windows 7 for x64-based Systems Service Pack 1
· Windows 7 for 32-bit Systems Service Pack 1
· Windows Server 2016 (Server Core installation)
· Windows Server 2016
· Windows Server 2022 (Server Core installation)
· Windows Server 2022
· Windows Server 2012 (Server Core installation)
· Windows Server 2012
· Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
· Windows Server 2008 R2 for x64-based Systems Service Pack 1
· Windows Server 2012 R2 (Server Core installation)
· Windows 10 Version 1607 for x64-based Systems
· Windows 10 Version 1607 for 32-bit Systems
· Windows 10 for x64-based Systems
· Windows 10 for 32-bit Systems
· Windows 10 Version 22H2 for 32-bit Systems
· Windows 10 Version 22H2 for ARM64-based Systems
· Windows 10 Version 22H2 for x64-based Systems
· Windows 11 Version 22H2 for x64-based Systems
· Windows 11 Version 22H2 for ARM64-based Systems
· Windows 10 Version 21H2 for x64-based Systems
· Windows 10 Version 21H2 for ARM64-based Systems
· Windows 10 Version 21H2 for 32-bit Systems
· Windows 11 version 21H2 for ARM64-based Systems
· Windows 11 version 21H2 for x64-based Systems
· Windows 10 Version 20H2 for ARM64-based Systems
· Windows 10 Version 20H2 for 32-bit Systems
· Windows 10 Version 20H2 for x64-based Systems
· Windows Server 2019 (Server Core installation)
· Windows Server 2019
· Windows 10 Version 1809 for ARM64-based Systems
· Windows 10 Version 1809 for x64-based Systems
· Windows 10 Version 1809 for 32-bit Systems
威胁等级 | 高危 |
影响程度 | 广泛 |
利用价值 | 高 |
利用难度 | 中等 |
漏洞评分 | 7.8 |
目前官方已修复该漏洞,受影响用户可以升级更新到安全版本。官方下载链接:https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21746
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21746
产品与解决方案
