正文

【漏洞通告】Windows SmartScreen 安全功能绕过漏洞

admin
admin V管理员 /0 评论 /44 阅读
1013
此篇文章发布距今已超过41天,您需要注意文章的内容或图片是否可用!

0x01 漏洞信息

漏洞名称:Windows SmartScreen 安全功能绕过漏洞
漏洞编号:CVE-2023-32049
漏洞等级:
披漏时间:2023年07月11日

0x02 漏洞描述

Microsoft SmartScreen,作为一款筛选工具,能够协助对抗病毒、防范网络钓鱼、提供针对恶意程序的保护。其中存在安全功能绕过漏洞,攻击者可以利用该漏洞在绕过目标系统上的安全功能,做出规定之外的行为。

0x03 漏洞状态

脆弱组件覆盖面
利用门槛
POC工具
EXP工具
广
公开
公开

0x04 影响版本

Windows 11 Version 22H2 for ARM64-based Systems、Windows 10 Version 21H2 for x64-based Systems、Windows 10 Version 21H2 for ARM64-based Systems、Windows 10 Version 21H2 for 32-bit Systems、Windows 11 version 21H2 for ARM64-based Systems、Windows 11 version 21H2 for x64-based Systems、Windows Server 2022 (Server Core installation)、Windows Server 2022、Windows Server 2016 (Server Core installation)、Windows Server 2016、Windows 10 Version 1607 for x64-based Systems、Windows 10 Version 1607 for 32-bit Systems、Windows 10 Version 22H2 for 32-bit Systems、Windows 10 Version 22H2 for ARM64-based Systems、Windows 10 Version 22H2 for x64-based Systems、Windows Server 2019 (Server Core installation)、Windows Server 2019、Windows 10 Version 1809 for ARM64-based Systems、Windows 10 Version 1809 for x64-based Systems、Windows 10 Version 1809 for 32-bit Systems、Windows 11 Version 22H2 for x64-based Systems

0x05 漏洞排查

用户尽快排查是否存在以下应用系统:Windows 11 Version 22H2 for ARM64-based Systems、Windows 10 Version 21H2 for x64-based Systems、Windows 10 Version 21H2 for ARM64-based Systems、Windows 10 Version 21H2 for 32-bit Systems、Windows 11 version 21H2 for ARM64-based Systems、Windows 11 version 21H2 for x64-based Systems、Windows Server 2022 (Server Core installation)、Windows Server 2022、Windows Server 2016 (Server Core installation)、Windows Server 2016、Windows 10 Version 1607 for x64-based Systems、Windows 10 Version 1607 for 32-bit Systems、Windows 10 Version 22H2 for 32-bit Systems、Windows 10 Version 22H2 for ARM64-based Systems、Windows 10 Version 22H2 for x64-based Systems、Windows Server 2019 (Server Core installation)、Windows Server 2019、Windows 10 Version 1809 for ARM64-based Systems、Windows 10 Version 1809 for x64-based Systems、Windows 10 Version 1809 for 32-bit Systems、Windows 11 Version 22H2 for x64-based Systems若存在应用使用,极大可能会受到影响。

0x06 漏洞加固

微软官方已更新受影响软件的安全补丁,用户可根据不同系统版本下载安装对应的安全补丁,安全更新链接如下:https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32049


推荐站内搜索:最好用的开发软件、免费开源系统、渗透测试工具云盘下载、最新渗透测试资料、最新黑客工具下载……
宙飒天下