【漏洞预警】微软补丁日安全通告11月份

资讯安识科技

2022-11-10 7,234

1. 通告信息

2022年11月9日，微软发布了11月安全更新，本次更新修复了包括6个0 day漏洞在内的68个安全漏洞，其中有11个漏洞评级为“严重”。

对此，安识科技建议广大用户及时升级到安全版本，并做好资产自查以及预防工作，以免遭受黑客攻击。

2. 漏洞概述

本次发布的安全更新涉及.NET Framework、Azure、Linux Kernel、Microsoft Exchange Server、Microsoft Office、Windows Hyper-V、Visual Studio、Windows ALPC、Windows Kerberos、Windows Mark of the Web (MOTW)、Windows Network Address Translation (NAT)、Windows ODBC Driver、Windows Point-to-Point Tunneling Protocol、Windows Print Spooler Components、Windows Scripting和Windows Win32K等多个产品和组件。

本次修复的68个漏洞（不包括2个OpenSSL 漏洞）中，27个为提取漏洞，16个为远程代码执行漏洞，11个为信息泄露漏洞，6个为拒绝服务漏洞，4个为安全功能绕过漏洞，以及3个欺骗漏洞。

微软本次共修复了6个被积极利用的0 day漏洞，其中CVE-2022-41091已被公开披露：

CVE-2022-41128：Windows Scripting Languages远程代码执行漏洞

该漏洞的CVSS评分为8.8，影响了JScript9 脚本语言和多个Windows 版本，利用该漏洞需与用户交互，目前已检测到漏洞利用。

CVE-2022-41091：Windows Mark of the Web 安全功能绕过漏洞

该漏洞的CVSS评分为5.4，利用该漏洞需与用户交互。可以制作恶意文件来规避Mark of the Web (MOTW)防御，从而导致 Microsoft Office 中的受保护视图等依赖 MOTW 标记的安全功能受到影响。该漏洞已经公开披露，且已检测到漏洞利用。

CVE-2022-41073：Windows Print Spooler 特权提升漏洞

该漏洞的CVSS评分为7.8，影响了Windows 后台打印程序，成功利用该漏洞的本地恶意用户可以获得SYSTEM权限，目前已经检测到漏洞利用。

CVE-2022-41125：Windows CNG Key Isolation Service 特权提升漏洞

该漏洞的CVSS评分为7.8，影响了Windows CNG 密钥隔离服务，成功利用该漏洞的本地恶意用户可以获得SYSTEM权限，目前已经检测到漏洞利用。

CVE-2022-41040：Microsoft Exchange Server 特权提升漏洞

该漏洞的CVSS评分为8.8，微软于2022年9月30日首次披露该漏洞（Microsoft Exchange ProxyNotShell漏洞），成功利用该漏洞可以提升权限，并在目标系统中运行PowerShell，但必须经过身份验证，该漏洞已经检测到漏洞利用。

CVE-2022-41082：Microsoft Exchange Server 远程代码执行漏洞

该漏洞的CVSS评分为8.8，微软于2022年9月30日首次披露该漏洞（Microsoft Exchange ProxyNotShell漏洞），经过身份验证的恶意用户可以通过网络调用在服务器帐户的上下文中触发恶意代码，导致远程代码执行，该漏洞已经检测到漏洞利用。

3. 漏洞危害

攻击者可利用漏洞在未授权的情况下，构造恶意数据执行远程代码执行攻击，最终获取服务器最高权限。

4. 影响版本

漏洞名称、CVE编号	受影响版本
Windows Web 查询标记安全功能绕过漏洞 CVE-2022-41091	Windows 10 Version 22H2 for x64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 Datacenter: Azure Edition (Hotpatch) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems
Microsoft Exchange Server 特权提升漏洞 CVE-2022-41040	Microsoft Exchange Server 2016 Cumulative Update 23 Microsoft Exchange Server 2019 Cumulative Update 12 Microsoft Exchange Server 2019 Cumulative Update 11 Microsoft Exchange Server 2016 Cumulative Update 22 Microsoft Exchange Server 2013 Cumulative Update 23
Microsoft Exchange Server 远程执行代码漏洞 CVE-2022-41082	Microsoft Exchange Server 2016 Cumulative Update 23 Microsoft Exchange Server 2019 Cumulative Update 12 Microsoft Exchange Server 2019 Cumulative Update 11 Microsoft Exchange Server 2016 Cumulative Update 22 Microsoft Exchange Server 2013 Cumulative Update 23
Windows 脚本语言远程代码执行漏洞 CVE-2022-41128	Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows Server 2012 R2 Windows Server 2012 Windows Server 2012 Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for x64-based systems Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 8.1 for 32-bit systems Windows 8.1 for 32-bit systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems
Windows CNG 密钥隔离服务特权提升漏洞 CVE-2022-41125	Windows Server 2012 R2 Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2012 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for x64-based systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 (Server Core installation) Windows 8.1 for 32-bit systems Windows 8.1 for 32-bit systems Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 Datacenter: Azure Edition (Hotpatch) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems
Windows 打印后台处理程序特权提升漏洞 CVE-2022-41073	Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 8.1 for x64-based systems Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 Datacenter: Azure Edition (Hotpatch) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

5. 解决方案

微软官方已更新受影响软件的安全补丁，用户可根据不同系统版本下载安装对应的安全补丁，安全更新链接如下：

https://msrc.microsoft.com/update-guide/zh-CN/vulnerability/CVE-2022-41091

https://msrc.microsoft.com/update-guide/zh-CN/vulnerability/CVE-2022-41040

https://msrc.microsoft.com/update-guide/zh-CN/vulnerability/CVE-2022-41082

https://msrc.microsoft.com/update-guide/zh-CN/vulnerability/CVE-2022-41128

https://msrc.microsoft.com/update-guide/zh-CN/vulnerability/CVE-2022-41125

https://msrc.microsoft.com/update-guide/zh-CN/vulnerability/CVE-2022-41073

6. 时间轴

【-】2022年11月09日微软例行补丁日，微软官网发布漏洞安全公告。

【-】2022年11月09日安识科技A-Team团队根据漏洞信息分析

【-】2022年11月10日安识科技A-Team团队发布安全通告

本文作者：安识科技

本文为安全脉搏专栏作者发布，转载请注明：https://www.secpulse.com/archives/190852.html

Tags: 0 day漏洞、CVE-2022-41040、CVE-2022-41073、CVE-2022-41082、CVE-2022-41091、CVE-2022-41125、CVE-2022-41128、安全漏洞、微软补丁日

点赞： 4 评论：0 收藏： 0

快来写下你的想法吧！

	安识科技
	文章数：190	积分： 135
	安识科技：专业的企业安全解决方案提供商。官网：https://www.duoyinsu.com/

安全问答社区

脉搏官方公众号

活动日程

2022-06-17

Gdevops 全球敏捷运维峰会

2022-05-12

Mastering the Challenge！——来自The 3rd AutoCS 2022智能汽车信息安全大会的邀请函

2021-11-18

AutoSW 2021智能汽车软件开发大会

2021-06-27

2021中国国际网络安全博览会暨高峰论坛

2021-05-27

The 2nd AutoCS 2021智能汽车信息安全大会

2020-12-18

贝壳找房2020 ICS安全技术峰会

2020-12-11

全球敏捷运维峰会（Gdevops2020）

2020-12-04

2020京麒网络安全大会

2020-11-29

OPPO技术开放日第六期|聚焦应用与数据安全防护

2020-11-27

EISS-2020企业信息安全峰会之上海站 11.27

2020-09-24

CSDI summit中国软件研发管理行业技术峰会

2020-09-23

2020中国国际智慧能源暨能源数据中心与网络信息安全装备展览会

2020-07-31

EISS-2020企业信息安全峰会之北京站 | 7.31（周五线上）

2020-04-15

看雪.安恒 2020 KCTF 春季赛

2020-01-09

相约本地生活安全沙龙暨白帽子颁奖典礼

【漏洞预警】微软补丁日安全通告11月份

相关文章

安全问答社区

脉搏官方公众号

活动日程

2022-06-17

2022-05-12

2021-11-18

2021-06-27

2021-05-27

2020-12-18

2020-12-11

2020-12-04

2020-11-29

2020-11-27

2020-09-24

2020-09-23

2020-07-31

2020-04-15

2020-01-09

安全问答社区

脉搏官方公众号

友情链接

关注我们

SecPluse

合作伙伴

品牌归属

关于我们

脉搏文库

安全建设

其他

【漏洞预警】微软补丁日安全通告11月份

相关文章

安全问答社区

脉搏官方公众号

活动日程

2022-06-17

2022-05-12

2021-11-18

2021-06-27

2021-05-27

2020-12-18

2020-12-11

2020-12-04

2020-11-29

2020-11-27

2020-09-24

2020-09-23

2020-07-31

2020-04-15

2020-01-09

安全问答社区

脉搏官方公众号

友情链接

关注我们

SecPluse

合作伙伴

品牌归属

关于我们