¡¾Îó²îͨ¸æ¡¿WindowsÄÚºËȨÏÞÌáÉýÎó²î£¨CVE-2023-35359£©

Ðû²¼Ê±¼ä 2023-09-22

Ò»¡¢Îó²î¸ÅÊö

CVE   ID

CVE-2023-35359

·¢Ã÷ʱ¼ä

2023-08-09

Àà    ÐÍ

ȨÏÞÌáÉý

µÈ    ¼¶

¸ßΣ

¹¥»÷ÏòÁ¿

ÍâµØ

ËùÐèȨÏÞ

µÍ

¹¥»÷ÖØƯºó

µÍ

Óû§½»»¥

ÎÞ

PoC/EXP

ÒѹûÕæ

ÔÚҰʹÓÃ

δ֪

 

WindowsÄÚºËÊÇWindowsϵͳµÄ½¹µã£¬£¬ £¬£¬ £¬£¬£¬ÈÏÕæÖÎÀíϵͳµÄÀú³Ì¡¢ÄÚ´æ¡¢×°±¸Çý¶¯³ÌÐò¡¢ÎļþºÍÍøÂçϵͳµÈ£¬£¬ £¬£¬ £¬£¬£¬ËüÊÇÅþÁ¬Ó¦ÓóÌÐòºÍÓ²¼þµÄÇÅÁº¡£¡£¡£¡£

9ÔÂ21ÈÕ£¬£¬ £¬£¬ £¬£¬£¬ÍòÀû¹ú¼Ê¹ÙÍøVSRC¼à²âµ½WindowsÄÚºËȨÏÞÌáÉýÎó²î£¨CVE-2023-35359£©µÄPoCÔÚ»¥ÁªÍøÉϹûÕæ¡£¡£¡£¡£¸ÃÎó²îµÄCVSSv3ÆÀ·ÖΪ7.8£¬£¬ £¬£¬ £¬£¬£¬Î¢ÈíÒÑÔÚ2023Äê8Ô²¹¶¡ÈÕÐû²¼µÄÇå¾²¸üÐÂÖÐÐÞ¸´Á˸ÃÎó²î¡£¡£¡£¡£

¸ÃÎó²îʹÓÃÁËWindowsÔÚÄ£ÄâÀú³ÌÖб£´æÓëÌ滻ϵͳÇý¶¯Æ÷ÅÌ·ûÏà¹ØµÄÎÊÌ⣬£¬ £¬£¬ £¬£¬£¬Äܹ»ÔÚÄ¿µÄ»úеÉϽ¨ÉèÎļþ¼ÐºÍ¸ú×ÙÐÔÄܵÄÍâµØµÍȨÏÞÓû§¿ÉʹÓøÃÎó²îÓÕÆ­ÌØȨÀú³Ì´Ó²»ÊÜÐÅÈεÄλÖüÓÔØÉèÖÃÎļþºÍÆäËû×ÊÔ´£¬£¬ £¬£¬ £¬£¬£¬´Ó¶øµ¼ÖÂÌØȨÌáÉý¡£¡£¡£¡£

 

¶þ¡¢Ó°Ïì¹æÄ£

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

 

Èý¡¢Çå¾²²½·¥

3.1 Éý¼¶°æ±¾

¸ÃÎó²îÒÑÔÚ2023Äê8Ô²¹¶¡ÈÕÐû²¼µÄÇå¾²¸üÐÂÖÐÐÞ¸´£¬£¬ £¬£¬ £¬£¬£¬ÊÜÓ°ÏìÓû§¿ÉʵʱװÖᣡ£¡£¡£

£¨Ò»£©Windows Update×Ô¶¯¸üÐÂ

Microsoft UpdateĬÈÏÆôÓ㬣¬ £¬£¬ £¬£¬£¬µ±ÏµÍ³¼ì²âµ½¿ÉÓøüÐÂʱ£¬£¬ £¬£¬ £¬£¬£¬½«»á×Ô¶¯ÏÂÔظüв¢ÔÚÏÂÒ»´ÎÆô¶¯Ê±×°Öᣡ£¡£¡£Ò²¿ÉÑ¡Ôñͨ¹ýÒÔÏ°취ÊÖ¶¯¾ÙÐиüУº

1¡¢µã»÷¡°×îÏȲ˵¥¡±»ò°´Windows¿ì½Ý¼ü£¬£¬ £¬£¬ £¬£¬£¬µã»÷½øÈë¡°ÉèÖá±

2¡¢Ñ¡Ôñ¡°¸üкÍÇå¾²¡±£¬£¬ £¬£¬ £¬£¬£¬½øÈë¡°Windows¸üС±£¨Windows 8¡¢Windows 8.1¡¢Windows Server 2012ÒÔ¼°Windows Server 2012 R2¿Éͨ¹ý¿ØÖÆÃæ°å½øÈë¡°Windows¸üС±£¬£¬ £¬£¬ £¬£¬£¬Ïêϸ°ì·¨Îª¡°¿ØÖÆÃæ°å¡±->¡°ÏµÍ³ºÍÇå¾²¡±->¡°Windows¸üС±£©

3¡¢Ñ¡Ôñ¡°¼ì²é¸üС±£¬£¬ £¬£¬ £¬£¬£¬ÆÚ´ýϵͳ×Ô¶¯¼ì²é²¢ÏÂÔØ¿ÉÓøüС£¡£¡£¡£

4¡¢¸üÐÂÍê³ÉºóÖØÆôÅÌËã»ú£¬£¬ £¬£¬ £¬£¬£¬¿Éͨ¹ý½øÈë¡°Windows¸üС±->¡°Éó²é¸üÐÂÀúÊ·¼Í¼¡±Éó²éÊÇ·ñÀÖ³É×°ÖÃÁ˸üС£¡£¡£¡£¹ØÓÚûÓÐÀÖ³É×°ÖõĸüУ¬£¬ £¬£¬ £¬£¬£¬¿ÉÒÔµã»÷¸Ã¸üÐÂÃû³Æ½øÈë΢Èí¹Ù·½¸üÐÂÐÎòÁ´½Ó£¬£¬ £¬£¬ £¬£¬£¬µã»÷×îеÄSSUÃû³Æ²¢ÔÚÐÂÁ´½ÓÖеã»÷¡°Microsoft ¸üÐÂĿ¼¡±£¬£¬ £¬£¬ £¬£¬£¬È»ºóÔÚÐÂÁ´½ÓÖÐÑ¡ÔñÊÊÓÃÓÚÄ¿µÄϵͳµÄ²¹¶¡¾ÙÐÐÏÂÔز¢×°Öᣡ£¡£¡£

£¨¶þ£©Microsoft¹Ù·½ÏÂÔØÏìÓ¦²¹¶¡¾ÙÐиüС£¡£¡£¡£

ÏÂÔØÁ´½Ó£º

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35359

3.2 ÔÝʱ²½·¥

ÔÝÎÞ¡£¡£¡£¡£

3.3 ͨÓý¨Òé

l  °´ÆÚ¸üÐÂϵͳ²¹¶¡£¡£¡£¡£¬£¬ £¬£¬ £¬£¬£¬ïÔ̭ϵͳÎó²î£¬£¬ £¬£¬ £¬£¬£¬ÌáÉýЧÀÍÆ÷µÄÇå¾²ÐÔ¡£¡£¡£¡£

l  ÔöǿϵͳºÍÍøÂçµÄ»á¼û¿ØÖÆ£¬£¬ £¬£¬ £¬£¬£¬Ð޸ķÀ»ðǽսÂÔ£¬£¬ £¬£¬ £¬£¬£¬¹Ø±Õ·ÇÐëÒªµÄÓ¦Óö˿ڻòЧÀÍ£¬£¬ £¬£¬ £¬£¬£¬ïÔÌ­½«Î£ÏÕЧÀÍ£¨ÈçSSH¡¢RDPµÈ£©Ì»Â¶µ½¹«Íø£¬£¬ £¬£¬ £¬£¬£¬ïÔÌ­¹¥»÷Ãæ¡£¡£¡£¡£

l  ʹÓÃÆóÒµ¼¶Çå¾²²úÆ·£¬£¬ £¬£¬ £¬£¬£¬ÌáÉýÆóÒµµÄÍøÂçÇå¾²ÐÔÄÜ¡£¡£¡£¡£

l  ÔöǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬£¬ £¬£¬ £¬£¬£¬ÆôÓöàÒòËØÈÏÖ¤»úÖƺÍ×îСȨÏÞÔ­Ôò£¬£¬ £¬£¬ £¬£¬£¬Óû§ºÍÈí¼þȨÏÞÓ¦¼á³ÖÔÚ×îµÍÏ޶ȡ£¡£¡£¡£

l  ÆôÓÃÇ¿ÃÜÂëÕ½ÂÔ²¢ÉèÖÃΪ°´ÆÚÐ޸ġ£¡£¡£¡£

3.4 ²Î¿¼Á´½Ó

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35359

https://packetstormsecurity.com/files/174528/Microsoft-Windows-Privilege-Escalation.html

 

ËÄ¡¢°æ±¾ÐÅÏ¢

°æ±¾

ÈÕÆÚ

±¸×¢

V1.0

2023-09-22

Ê×´ÎÐû²¼

 


Îå¡¢¸½Â¼

5.1 ÍòÀû¹ú¼Ê¹ÙÍø¼ò½é

ÍòÀû¹ú¼Ê¹ÙÍø½¨ÉèÓÚ1996Ä꣬£¬ £¬£¬ £¬£¬£¬ÊÇÓÉÁôÃÀ²©Ê¿ÑÏÍû¼ÑŮʿ½¨ÉèµÄ¡¢ÓµÓÐÍêÈ«×ÔÖ÷֪ʶ²úȨµÄÐÅÏ¢Çå¾²¸ß¿Æ¼¼ÆóÒµ¡£¡£¡£¡£ÊǺ£ÄÚ×î¾ßʵÁ¦µÄÐÅÏ¢Çå¾²²úÆ·¡¢Ç徲ЧÀͽâ¾ö¼Æ»®µÄÁ캽ÆóÒµÖ®Ò»¡£¡£¡£¡£

¹«Ë¾×ܲ¿Î»ÓÚ±±¾©ÊÐÖйشåÈí¼þÔ°ÍòÀû¹ú¼Ê¹ÙÍø´óÏ㬣¬ £¬£¬ £¬£¬£¬¹«Ë¾Ô±¹¤6000ÓàÈË£¬£¬ £¬£¬ £¬£¬£¬Ñз¢ÍŶÓ1200ÓàÈË, ÊÖÒÕЧÀÍÍŶÓ1300ÓàÈË¡£¡£¡£¡£ÔÚÌìϸ÷Ê¡¡¢ÊС¢×ÔÖÎÇøÉèÁ¢·ÖÖ§»ú¹¹ÁùÊ®¶à¸ö£¬£¬ £¬£¬ £¬£¬£¬ÓµÓÐÁýÕÖÌìϵÄÏúÊÛϵͳ¡¢ÇþµÀϵͳºÍÊÖÒÕÖ§³Öϵͳ¡£¡£¡£¡£¹«Ë¾ÓÚ2010Äê6ÔÂ23ÈÕÔÚÉîÛÚÖÐС°å¹ÒÅÆÉÏÊС£¡£¡£¡££¨¹ÉƱ´úÂ룺002439£©

¶àÄêÀ´£¬£¬ £¬£¬ £¬£¬£¬ÍòÀû¹ú¼Ê¹ÙÍøÖÂÁ¦ÓÚÌṩ¾ßÓйú¼Ê¾ºÕùÁ¦µÄ×ÔÖ÷Á¢ÒìµÄÇå¾²²úÆ·ºÍ×î¼Ñʵ¼ùЧÀÍ£¬£¬ £¬£¬ £¬£¬£¬×ÊÖú¿Í»§ÖÜÈ«ÌáÉýÆäIT»ù´¡ÉèÊ©µÄÇå¾²ÐÔºÍÉú²úЧÄÜ£¬£¬ £¬£¬ £¬£¬£¬Îª´òÔìºÍÌáÉý¹ú¼Ê»¯µÄÃñ×åÐÅÏ¢Çå¾²¹¤ÒµÁì¾üÆ·Åƶø²»Ð¸Æ𾢡£¡£¡£¡£

5.2 ¹ØÓÚÍòÀû¹ú¼Ê¹ÙÍø

ÍòÀû¹ú¼Ê¹ÙÍøÇå¾²Ó¦¼±ÏìÓ¦ÖÐÐÄÒÑÐû²¼1000¶à¸öÎó²îͨ¸æºÍΣº¦Ô¤¾¯£¬£¬ £¬£¬ £¬£¬£¬ÎÒÃǽ«Ò»Á¬¸ú×ÙÈ«Çò×îеÄÍøÂçÇå¾²ÊÂÎñºÍÎó²î£¬£¬ £¬£¬ £¬£¬£¬ÎªÆóÒµµÄÐÅÏ¢Çå¾²±£¼Ý»¤º½¡£¡£¡£¡£

¹Ø×¢ÎÒÃÇ£º

image.png