微软2月安全更新多个产品高危漏洞通告
2023-2-16 10:58:9 Author: blog.nsfocus.net(查看原文) 阅读量:20 收藏

阅读: 18

一、漏洞概述

2月15日,绿盟科技CERT监测到微软发布2月安全更新补丁,修复了75个安全问题,涉及Microsoft Exchange Server、Microsoft Word、Windows Graphics Component、Microsoft Publisher等广泛使用的产品,其中包括权限提升、远程代码执行等高危漏洞类型。

本月微软月度更新修复的漏洞中,严重程度为关键(Critical)的漏洞有9个,重要(Important)漏洞有66个,其中包括3个0day漏洞:

Windows Graphics Component远程代码执行漏洞(CVE-2023-21823)

Microsoft Publisher 安全功能绕过漏洞(CVE-2023-21715)

Windows 通用日志文件系统驱动程序特权提升漏洞(CVE-2023-23376)

请相关用户尽快更新补丁进行防护,完整漏洞列表请参考附录。

绿盟远程安全评估系统(RSAS)已具备微软此次补丁更新中大部分漏洞的检测能力(包括CVE-2023-21823、CVE-2023-21715、CVE-2023-23376、CVE-2023-21689、CVE-2023-21690等高危漏洞),请相关用户关注绿盟远程安全评估系统插件升级包的更新,及时升级至 rsas-vulsys-V6.0R02F01.3004.dat官网链接:http://update.nsfocus.com/update/listRsasDetail/v/vulsys

参考链接:

https://msrc.microsoft.com/update-guide/releaseNote/2023-Feb

二、重点漏洞简述

根据产品流行度和漏洞重要性筛选出此次更新中包含影响较大的漏洞,请相关用户重点进行关注:

Windows Graphics Component远程代码执行漏洞(CVE-2023-21823):

由于Graphics Component中的应用程序未实行正确的安全限制,具有低权限的本地攻击者通过利用该漏洞绕过安全限制,从而在目标系统上提升至SYSTEM权限,且无需用户交互。目前已监测到该漏洞存在在野利用,CVSS评分为7.8。

官方通告链接:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21823

Microsoft Publisher 安全功能绕过漏洞(CVE-2023-21715):

Microsoft Publisher 中存在安全功能绕过漏洞,攻击者通过诱导用户从网站下载并打开恶意文件,对目标系统进行攻击。成功利用该漏洞的攻击者可以绕过用于阻止不受信任或恶意文件的Office宏策略,进而允许恶意Publisher文档中的宏运行。目前已监测到该漏洞存在在野利用,CVSS评分为7.3。

官方通告链接:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21715

Windows 通用日志文件系统驱动程序特权提升漏洞(CVE-2023-23376):

Windows 通用日志文件系统驱动程序存在权限提升漏洞,由于Windows公共日志文件系统驱动程序中存在边界错误,本地攻击者通过运行恶意程序从而触发内存损坏,最终可实现在目标系统上以SYSTEM权限任意执行代码。目前已监测到该漏洞存在在野利用,CVSS评分7.8。

官方通告链接:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23376

Microsoft Protected Extensible Authentication Protocol (PEAP) 远程代码执行漏洞(CVE-2023-21689):

Microsoft PEAP存在远程代码执行漏洞(CVE-2023-21689)。未经身份验证的远程攻击者通过在网络调用服务器帐户上下文时触发恶意代码,最终导致在目标服务器上执行任意代码。CVSS评分9.8。

官方通告链接:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21689

Microsoft Protected Extensible Authentication Protocol (PEAP) 远程代码执行漏洞(CVE-2023-21689/CVE-2023-21690/CVE-2023-21692):

Microsoft PEAP存在远程代码执行漏洞(CVE-2023-21690/CVE-2023-21692)。未经身份验证的远程攻击者通过向目标服务器发送特制的恶意PEAP数据包攻击目标服务器,成功利用漏洞的攻击者可在目标系统上执行任意代码。CVSS评分均为9.8。

官方通告链接:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21690

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21692

Microsoft Word 远程执行代码漏洞(CVE-2023-21716):

Microsoft Word中存在远程代码执行漏洞,攻击者可通过发送包含RTF有效负载的恶意电子邮件,当成功诱导用户在受影响的系统访问并打开特制恶意文件后,无需身份验证的攻击者可利用该漏洞在目标系统上执行任意代码,且预览窗格也可作为该漏洞的攻击媒介。CVSS评分为9.8。

官方通告链接:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21716 

Microsoft Exchange Server远程代码执行漏洞(CVE-2023-21707/CVE-2023-21706/CVE-2023-21529):

Microsoft Exchange Server存在远程代码执行漏洞,经过身份验证的远程攻击者通过在网络调用服务器帐户上下文时触发恶意代码,最终导致在目标服务器上执行任意代码。CVSS评分8.8。

官方通告链接:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21707

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21706

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21529

Microsoft SharePoint Server特权提升漏洞(CVE-2023-21717)

Microsoft SharePoint服务器存在特权提升漏洞,经过身份验证且具有Manage List权限的攻击者通过该漏洞获得创建站点的访问权限,最终可实现在目标服务器上执行任意代码,CVSS评分为8.8。

官方通告链接:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21717

三、影响范围

以下为部分重点关注漏洞的受影响产品版本,其他漏洞影响产品范围请参阅官方通告链接。

漏洞编号 受影响产品版本
CVE-2023-21823 Microsoft Office for Android

Microsoft Office for iOS

Microsoft Office for Universal

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

CVE-2023-21715 Microsoft 365 Apps for Enterprise for 32-bit Systems

Microsoft 365 Apps for Enterprise for 64-bit Systems

CVE-2023-23376

CVE-2023-21692

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

CVE-2023-21689

CVE-2023-21690

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

CVE-2023-21716 SharePoint Server Subscription Edition Language Pack

Microsoft 365 Apps for Enterprise for 32-bit Systems

Microsoft Office LTSC 2021 for 64-bit editions

Microsoft SharePoint Server Subscription Edition

Microsoft Office LTSC 2021 for 32-bit editions

Microsoft Office LTSC for Mac 2021

Microsoft Word 2013 Service Pack 1 (64-bit editions)

Microsoft Word 2013 RT Service Pack 1

Microsoft Word 2013 Service Pack 1 (32-bit editions)

Microsoft SharePoint Foundation 2013 Service Pack 1

Microsoft Office Web Apps Server 2013 Service Pack 1

Microsoft Word 2016 (32-bit edition)

Microsoft Word 2016 (64-bit edition)

Microsoft SharePoint Server 2019

Microsoft SharePoint Enterprise Server 2013 Service Pack 1

Microsoft SharePoint Enterprise Server 2016

Microsoft 365 Apps for Enterprise for 64-bit Systems

Microsoft Office 2019 for Mac

Microsoft Office Online Server

CVE-2023-21707

CVE-2023-21706

CVE-2023-2152

Microsoft Exchange Server 2013 Cumulative Update 23

Microsoft Exchange Server 2016 Cumulative Update 23

Microsoft Exchange Server 2019 Cumulative Update 11

Microsoft Exchange Server 2019 Cumulative Update 12

CVE-2023-21717 Microsoft SharePoint Foundation 2013 Service Pack 1

Microsoft SharePoint Server Subscription Edition

Microsoft SharePoint Server 2019

Microsoft SharePoint Enterprise Server 2013 Service Pack 1

Microsoft SharePoint Enterprise Server 2016

四、漏洞防护

  • 补丁更新

目前微软官方已针对受支持的产品版本发布了修复以上漏洞的安全补丁,强烈建议受影响用户尽快安装补丁进行防护,官方下载链接:

https://msrc.microsoft.com/update-guide/releaseNote/2023-Feb

注:由于网络问题、计算机环境问题等原因,Windows Update的补丁更新可能出现失败。用户在安装补丁后,应及时检查补丁是否成功更新。

右键点击Windows图标,选择“设置(N)”,选择“更新和安全”-“Windows更新”,查看该页面上的提示信息,也可点击“查看更新历史记录”查看历史更新情况。

针对未成功安装的更新,可点击更新名称跳转到微软官方下载页面,建议用户点击该页面上的链接,转到“Microsoft更新目录”网站下载独立程序包并安装。

附录:漏洞列表

影响产品 CVE编号 漏洞标题 严重程度
Windows iSCSI CVE-2023-21803 Windows iSCSI 发现服务远程代码执行漏洞 Critical
Microsoft Office Word CVE-2023-21716 Microsoft Word 远程代码执行漏洞 Critical
Windows Protected EAP (PEAP) CVE-2023-21692 Microsoft 受保护的可扩展身份验证协议 (PEAP) 远程代码执行漏洞 Critical
Windows Protected EAP (PEAP) CVE-2023-21690 Microsoft 受保护的可扩展身份验证协议 (PEAP) 远程代码执行漏洞 Critical
Windows Protected EAP (PEAP) CVE-2023-21689 Microsoft 受保护的可扩展身份验证协议 (PEAP) 远程代码执行漏洞 Critical
Visual Studio CVE-2023-21815 Visual Studio 远程代码执行漏洞 Critical
Visual Studio CVE-2023-23381 Visual Studio 远程代码执行漏洞 Critical
.NET and Visual Studio CVE-2023-21808 .NET 和 Visual Studio 远程代码执行漏洞 Critical
SQL Server CVE-2023-21718 Microsoft SQL ODBC 驱动程序远程代码执行漏洞 Critical
Microsoft Graphics Component CVE-2023-21823 Windows Graphics Component 远程代码执行漏洞 Important
Microsoft Office Publisher CVE-2023-21715 Microsoft Publisher 安全功能绕过漏洞 Important
Windows Common Log File System Driver CVE-2023-23376 Windows 通用日志文件系统驱动程序特权提升漏洞 Important
Microsoft Exchange Server CVE-2023-21707 Microsoft Exchange Server 远程代码执行漏洞 Important
Microsoft Exchange Server CVE-2023-21706 Microsoft Exchange Server 远程代码执行漏洞 Important
Microsoft Exchange Server CVE-2023-21529 Microsoft Exchange Server 远程代码执行漏洞 Important
Microsoft Office SharePoint CVE-2023-21717 Microsoft SharePoint Server 特权提升漏洞 Important
Microsoft PostScript Printer Driver CVE-2023-21684 Microsoft PostScript 打印机驱动程序远程代码执行漏洞 Important
Microsoft WDAC OLE DB provider for SQL CVE-2023-21686 Microsoft WDAC OLE DB provider for SQL Server 远程代码执行漏洞 Important
Microsoft WDAC OLE DB provider for SQL CVE-2023-21685 Microsoft WDAC OLE DB provider for SQL Server 远程代码执行漏洞 Important
Microsoft WDAC OLE DB provider for SQL CVE-2023-21799 Microsoft WDAC OLE DB provider for SQL Server 远程代码执行漏洞 Important
SQL Server CVE-2023-21713 Microsoft SQL Server 远程代码执行漏洞 Important
SQL Server CVE-2023-21705 Microsoft SQL Server 远程代码执行漏洞 Important
Windows ODBC Driver CVE-2023-21797 Microsoft ODBC 驱动程序远程代码执行漏洞 Important
Windows ODBC Driver CVE-2023-21798 Microsoft ODBC 驱动程序远程代码执行漏洞 Important
Azure App Service CVE-2023-21777 Azure App Service on Azure  Stack Hub 特权提升漏洞 Important
Microsoft Dynamics CVE-2023-21778 Microsoft Dynamics Unified Service Desk远程代码执行漏洞 Important
Power BI CVE-2023-21806 Power BI 报表服务器欺骗漏洞 Important
3D Builder CVE-2023-23390 3D Builder 远程代码执行漏洞 Important
3D Builder CVE-2023-23377 3D Builder 远程代码执行漏洞 Important
3D Builder CVE-2023-23378 Print 3D 远程代码执行漏洞 Important
Microsoft Defender for Endpoint CVE-2023-21809 Microsoft Defender for Endpoint 安全功能绕过漏洞 Important
Microsoft Graphics Component CVE-2023-21804 Windows Graphics Component 特权提升漏洞 Important
Microsoft PostScript Printer Driver CVE-2023-21801 Microsoft PostScript 打印机驱动程序远程代码执行漏洞 Important
Microsoft Windows Codecs Library CVE-2023-21802 Windows Media 远程代码执行漏洞 Important
SQL Server CVE-2023-21528 Microsoft SQL Server 远程代码执行漏洞 Important
SQL Server CVE-2023-21704 Microsoft ODBC Driver for SQL Server 远程代码执行漏洞 Important
Visual Studio CVE-2023-21566 Visual Studio 特权提升漏洞 Important
Windows ALPC CVE-2023-21688 NT 操作系统内核特权提升漏洞 Important
Windows Installer CVE-2023-21800 Windows 安装程序特权提升漏洞 Important
Windows Kerberos CVE-2023-21817 Windows Kerberos 特权提升漏洞 Important
Windows MSHTML Platform CVE-2023-21805 Windows MSHTML 平台远程代码执行漏洞 Important
Windows Win32K CVE-2023-21822 Windows Graphics Component  特权提升漏洞 Important
Azure DevOps CVE-2023-21553 Azure DevOps Server 远程代码执行漏洞 Important
Windows Active Directory CVE-2023-21816 Windows Active Directory 域服务 API 拒绝服务漏洞 Important
Windows Cryptographic Services CVE-2023-21813 Windows 安全通道拒绝服务漏洞 Important
Windows Cryptographic Services CVE-2023-21819 Windows 安全通道拒绝服务漏洞 Important
Windows iSCSI CVE-2023-21700 Windows iSCSI 发现服务拒绝服务漏洞 Important
Windows iSCSI CVE-2023-21702 Windows iSCSI 服务拒绝服务漏洞 Important
Windows iSCSI CVE-2023-21811 Windows iSCSI 服务拒绝服务漏洞 Important
Windows Protected EAP (PEAP) CVE-2023-21695 Microsoft 受保护的可扩展身份验证协议 (PEAP) 远程代码执行漏洞 Important
Windows Protected EAP (PEAP) CVE-2023-21701 Microsoft 受保护的可扩展身份验证协议 (PEAP) 拒绝服务漏洞 Important
Windows Protected EAP (PEAP) CVE-2023-21691 Microsoft 受保护的可扩展身份验证协议 (PEAP) 信息泄露漏洞 Important
Windows SChannel CVE-2023-21818 Windows 安全通道拒绝服务漏洞 Important
Windows Distributed File System (DFS) CVE-2023-21820 Windows 分布式文件系统 (DFS) 远程代码执行漏洞 Important
SQL Server CVE-2023-21568 Microsoft SQL Server Integration Service (VS extension) 远程代码执行漏洞 Important
Microsoft Exchange Server CVE-2023-21710 Microsoft Exchange Server 远程代码执行漏洞 Important
Azure DevOps CVE-2023-21564 Azure DevOps Server 跨站点脚本漏洞 Important
Windows Fax and Scan Service CVE-2023-21694 Windows 传真服务远程代码执行漏洞 Important
Azure Data Box Gateway CVE-2023-21703 Azure Data Box Gateway 远程代码执行漏洞 Important
Azure Machine Learning CVE-2023-23382 Azure Machine Learning Compute Instance信息泄露漏洞 Important
Microsoft Dynamics CVE-2023-21572 Microsoft Dynamics 365 (本地) 跨站点脚本漏洞 Important
Microsoft Office OneNote CVE-2023-21721 Microsoft OneNote 欺骗漏洞 Important
Microsoft Defender for IoT CVE-2023-23379 Microsoft Defender for IoT 提权提升漏洞 Important
Internet Storage Name Service CVE-2023-21697 Windows Internet 存储名称服务 (iSNS) 服务器信息泄露漏洞 Important
Microsoft Dynamics CVE-2023-21807 Microsoft Dynamics 365 (本地) 跨站点脚本漏洞 Important
Microsoft PostScript Printer Driver CVE-2023-21693 Microsoft PostScript Printer Driver 信息泄露漏洞 Important
Visual Studio CVE-2023-21567 Visual Studio 拒绝服务漏洞 Important
Microsoft Office CVE-2023-21714 Microsoft Office 办公信息泄露漏洞 Important
Windows HTTP.sys CVE-2023-21687 HTTP.sys 信息泄露漏洞 Important
Microsoft Dynamics CVE-2023-21573 Microsoft Dynamics 365 (本地) 跨站点脚本漏洞 Important
Microsoft Dynamics CVE-2023-21571 Microsoft Dynamics 365 (本地) 跨站点脚本漏洞 Important
Microsoft Dynamics CVE-2023-21570 Microsoft Dynamics 365 (本地) 跨站点脚本漏洞 Important
Internet Storage Name Service CVE-2023-21699 Windows Internet 存储名称服务 (iSNS) 服务器信息泄露漏洞 Important
.NET Framework CVE-2023-21722 .NET 框架拒绝服务漏洞 Important
Windows Common Log File System Driver CVE-2023-21812 Windows 通用日志文件系统驱动程序特权提升漏洞 Important

声明

本安全公告仅用来描述可能存在的安全问题,绿盟科技不为此安全公告提供任何保证或承诺。由于传播、利用此安全公告所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,绿盟科技以及安全公告作者不为此承担任何责任。

绿盟科技拥有对此安全公告的修改和解释权。如欲转载或传播此安全公告,必须保证此安全公告的完整性,包括版权声明等全部内容。未经绿盟科技允许,不得任意修改或者增减此安全公告内容,不得以任何方式将其用于商业目的。


文章来源: http://blog.nsfocus.net/microsoft2/
如有侵权请联系:admin#unsafe.sh