微软发布了2022年11月的例行安全更新公告,共涉及漏洞数64个。本次发布涉及Microsoft Windows、Azure、Microsoft Dynamics、Exchange Server、Office、SharePoint Server、Network Policy Server (NPS)、Windows BitLocker等多个软件的安全更新。
为避免您的业务受影响,芒竹云安全建议您及时开展安全自查,如在受影响范围,请您及时进行更新修复,避免被外部攻击者入侵。
漏洞详情
在此次公告中以下漏洞需要微软用户重点关注:
Windows Scripting Languages远程代码执行漏洞(CVE-2022-41128):
漏洞cvss评分8.8,被官方标记为已发现在野利用。该漏洞主要影响JScript9 脚本语言,该漏洞需要攻击者诱导 Windows 用户访问搭建的恶意服务器才可利用。
Windows Print Spooler 权限提升漏洞(CVE-2022-41073):
漏洞cvss评分7.8,被官方标记为已发现在野利用。漏洞与PrintNightmare类似,攻击者可利用Print Spooler服务漏洞获得system权限。
Windows CNG 密钥隔离服务权限提升漏洞(CVE-2022-41125):
漏洞cvss评分7.8,被官方标记为已发现在野利用。攻击者可利用Windows CNG Key Isolation Service漏洞获得system权限。
Microsoft Exchange Server 权限提升漏洞(CVE-2022-41080):
漏洞cvss评分8.8,被官方标记为很有可能被利用。
Microsoft Exchange Server远程代码执行漏洞(CVE-2022-41082):
漏洞cvss评分8.8,漏洞已于9月29日被披露发现0day利用,目前已发布补丁。该漏洞类似于proxyshell,已经获得身份验证的远程攻击者,可利用 SSRF 提升权限并在 Exchange 服务器上执行任意 PowerShell 代码。
Microsoft Exchange Server 权限提升漏洞(CVE-2022-41040):
漏洞cvss评分8.8,漏洞已于9月29日与CVE-2022-41082同时被披露,目前已发布补丁,请及时修复。
风险等级
高风险
漏洞风险
攻击者利用该漏洞可导致远程代码执行或权限提升等危害
影响版本
CVE-2022-41128:
Windows Server 2012 R2
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2022-41073:
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 Datacenter: Azure Edition (Hotpatch)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2022-41125:
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 Datacenter: Azure Edition (Hotpatch)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
CVE-2022-41080 / CVE-2022-41082 / CVE-2022-41040:
Microsoft Exchange Server 2016 Cumulative Update 22
Microsoft Exchange Server 2019 Cumulative Update 11
Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 2019 Cumulative Update 12
Microsoft Exchange Server 2016 Cumulative Update 23
安全版本
微软2022年11月最新补丁
修复建议
官方已发布漏洞补丁及修复版本,请评估业务是否受影响后,酌情升级至安全版本
【备注】:建议您在升级前做好数据备份工作,避免出现意外
漏洞参考
https://msrc.microsoft.com/update-guide/releaseNote/2022-Nov”>https://msrc.microsoft.com/update-guide/releaseNote/2022-Nov
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41128″>https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41128
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41073″>https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41073
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41125″>https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41125
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41080″>https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41080
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082″>https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41082
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41040″>https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41040
https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/”>https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/