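Article last updated: 2025-01-17.
0x01 Vulnerability Information
0x02 Vulnerability Description
The vulnerability arises because MSDT can be invoked through the URL protocol by a calling application. An attacker uses social engineering to lure the victim into downloading and opening a specially crafted file from a website, and ultimately obtains the user's privileges.
0x03 Vulnerability Status
0x04 Affected Versions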
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for 32-bit/x64-based Systems Service Pack 2
Windows 8.1 for 32-bit/x64-based systems
Windows 7 for 32-bit/x64-based Systems Service Pack 1
Windows 10 Version 1607 for 32-bit/x64-based Systems
Windows 10 for 32-bit/x64-based Systems
Windows 10 Version 21H2 for 32-bit/ARM64-based/x64-based Systems
Windows 11 for x64-based/ARM64-based Systems
Windows 10 Version 20H2 for x64-based/32-bit/ARM64-based Systems
Windows Server 2022 Azure Edition Core Hotpatch
Windows Server 2022, Windows 10 Version 21H1 for x64-based/ARM64-based/32-bit Systems
Windows Server 2019, Windows 10 Version 1809 for 32-bit/x64-based/ARM64-based Systems
0x05 Vulnerability Investigation
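Review the running processes and check whether any unexpected, newly created msdt.exe child processes exist under parent processes such as word.exe or excel.exe. Such anomalous processes are produced after an attacker has exploited the vulnerability.
0x06 Vulnerability Hardening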
Official remediation guidance for the affected versions has been published. Details: https://msrc-blog.microsoft.com/2022/05/30/guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability/
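The parent/child process check from section 0x05, as an added example that is not part of the original article: a PowerShell function that lists msdt.exe processes and classifies each one by its parent. The names `Find-MsdtChild` and `New-Row`, the verdict labels, and the Office process names beyond word.exe and excel.exe are assumptions made for this example.

```powershell
# Added example, not from the original article. Office process names other
# than word.exe and excel.exe are assumptions (winword.exe is Word's image name).
$OfficeParents = 'word.exe', 'winword.exe', 'excel.exe', 'powerpnt.exe', 'outlook.exe'

function Find-MsdtChild {
    param(
        # Defaults to the live process table; pass objects with the same
        # properties to analyse an exported snapshot offline.
        [object[]]$Processes = (Get-CimInstance -ClassName Win32_Process)
    )
    $byId = @{}
    foreach ($p in $Processes) { $byId[[int]$p.ProcessId] = $p }

    foreach ($p in $Processes) {
        if ($p.Name -ne 'msdt.exe') { continue }
        $parent = $byId[[int]$p.ParentProcessId]
        # A "parent" created after its child means the PID was reused: the
        # real parent has exited and cannot be named from a snapshot.
        if ($parent -and $parent.CreationDate -gt $p.CreationDate) { $parent = $null }

        if (-not $parent) { $verdict = 'ParentExited' }
        elseif ($OfficeParents -contains $parent.Name) { $verdict = 'OfficeParent' }
        else { $verdict = 'OtherParent' }

        [pscustomobject]@{
            Verdict     = $verdict
            ProcessId   = $p.ProcessId
            ParentId    = $p.ParentProcessId
            ParentName  = if ($parent) { $parent.Name } else { '<unknown>' }
            CommandLine = $p.CommandLine
        }
    }
}

# Constructed snapshot (not real telemetry) so the function can be run offline.
$t = [datetime]'2022-06-01T10:00:00'
function New-Row($id, $ppid, $name, $sec, $cmd) {
    [pscustomobject]@{ ProcessId = $id; ParentProcessId = $ppid; Name = $name
                       CreationDate = $t.AddSeconds($sec); CommandLine = $cmd }
}
$sample = @(
    New-Row 900  4    'explorer.exe' 0  'explorer.exe'
    New-Row 4100 900  'WINWORD.EXE'  10 'WINWORD.EXE /n sample.docx'
    New-Row 4220 4100 'msdt.exe'     15 'msdt.exe <arguments elided>'  # child of Word
    New-Row 4300 900  'msdt.exe'     20 'msdt.exe <arguments elided>'  # started from Explorer
    New-Row 4400 7777 'msdt.exe'     25 'msdt.exe <arguments elided>'  # parent PID not in snapshot
)
Find-MsdtChild -Processes $sample | Format-Table -AutoSize
```

Called without arguments, the function inspects the live process table, so it only sees msdt.exe instances that are still running at the time of the check.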