<ins id="tnc6t"></ins>
<ins id="tnc6t"><address id="tnc6t"><output id="tnc6t"></output></address></ins>
  • <input id="tnc6t"></input>

      <button id="tnc6t"></button>

        1. CNNVD通報Microsoft Windows Support Diagnostic Tool安全漏洞

          2022年06月09日

          日前,國家信息安全漏洞庫(CNNVD)正式發布了關于Microsoft Windows Support Diagnostic Tool安全漏洞(CNNVD-202205-4277、CVE-2022-30190)的情況通報。成功利用此漏洞的攻擊者,可在目標主機執行惡意代碼。Windows 11、Windows 10 、Windows 8、Windows 7、Windows Server 2022、Windows Server 2016、Windows Server 2012、Windows Server 2008、Windows Server version 20H2、Windows Server 2022等多個系統版本均受此漏洞影響。目前,微軟官方發布了臨時修補措施緩解漏洞帶來的危害,請用戶及時確認是否受到漏洞影響,盡快采取修補措施。

          漏洞介紹

          Microsoft Windows Support Diagnostic Tool是美國微軟公司Windows操作系統內的一個程序,用于排除故障并收集診斷數據以供技術人員分析和解決問題。該漏洞源于Microsoft Windows Support Diagnostic Tool中的URL協議存在邏輯問題,攻擊者可誘使目標主機的應用(如word)通過Microsoft Windows Support Diagnostic Tool中的URL協議下載并打開特制的文件,進而在目標主機執行惡意代碼。

          危害影響

          成功利用此漏洞的攻擊者,可在目標主機執行惡意代碼。以下操作系統版本受漏洞影響:

          Windows Server 2012 R2 (Server Core installation)

          Windows Server 2012 R2

          Windows Server 2012 (Server Core installation)

          Windows Server 2012

          Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

          Windows Server 2008 R2 for x64-based Systems Service Pack 1

          Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

          Windows Server 2008 for x64-based Systems Service Pack 2

          Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

          Windows Server 2008 for 32-bit Systems Service Pack 2

          Windows RT 8.1

          Windows 8.1 for x64-based systems

          Windows 8.1 for 32-bit systems

          Windows 7 for x64-based Systems Service Pack 1

          Windows 7 for 32-bit Systems Service Pack 1

          Windows Server 2016  (Server Core installation)

          Windows Server 2016

          Windows 10 Version 1607 for x64-based Systems

          Windows 10 Version 1607 for 32-bit Systems

          Windows 10 for x64-based Systems

          Windows 10 for 32-bit Systems

          Windows 10 Version 21H2 for x64-based Systems

          Windows 10 Version 21H2 for ARM64-based Systems

          Windows 10 Version 21H2 for 32-bit Systems

          Windows 11 for ARM64-based Systems

          Windows 11 for x64-based Systems

          Windows Server, version 20H2 (Server Core Installation)

          Windows 10 Version 20H2 for ARM64-based Systems

          Windows 10 Version 20H2 for 32-bit Systems

          Windows 10 Version 20H2 for x64-based Systems

          Windows Server 2022 Azure Edition Core Hotpatch

          Windows Server 2022 (Server Core installation)

          Windows Server 2022

          Windows 10 Version 21H1 for 32-bit Systems

          Windows 10 Version 21H1 for ARM64-based Systems

          Windows 10 Version 21H1 for x64-based Systems

          Windows Server 2019  (Server Core installation)

          Windows Server 2019

          Windows 10 Version 1809 for ARM64-based Systems

          Windows 10 Version 1809 for x64-based Systems

          Windows 10 Version 1809 for 32-bit  Systems   

          修復建議

          目前,微軟官方發布了臨時修補措施緩解漏洞帶來的危害,請用戶及時確認是否受到漏洞影響,盡快采取修補措施。官方鏈接如下:

          https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190


          文章來源:CNNVD



          江蘇國駿信息科技有限公司 蘇ICP備17037372號-2 電話:400-6776-989; 0516-83887908 郵箱:manager@jsgjxx.com          

          <ins id="tnc6t"></ins>
          <ins id="tnc6t"><address id="tnc6t"><output id="tnc6t"></output></address></ins>
        2. <input id="tnc6t"></input>

            <button id="tnc6t"></button>

              1. {关键词}