2023年11月15日(北京时间),微软发布了安全更新,共发布了78个CVE的补丁程序,同比上月减少了27个。
在漏洞安全等级方面,存在3个标记等级为“Critical”的漏洞,61个漏洞被标记为“Important/High”等级的漏洞;在漏洞类型方面,主要有28个远程代码执行漏洞,18个权限提升漏洞以及6个信息泄露漏洞。
漏洞分析
2023年漏洞数量趋势
图 1 2023年微软补丁漏洞修复情况
总体上来看,微软本月发布的补丁数量为78个,有3个 Critical 漏洞补丁。
千里目安全技术中心在综合考虑往年微软公布漏洞数量的数据统计和今年的特殊情况,初步估计微软在今年十二月份公布的漏洞数将比今年十一月份少。漏洞数量将会维持在70个左右。
历史微软补丁日11月漏洞对比
2020-2023年,11月份的漏洞数趋势如下图:
图 2 微软近年11月Windows补丁漏洞数量对比
2020-2023年,11月份的漏洞危险等级趋势和数量如下图:
图 3 微软近年11月漏洞危险等级对比
2020-2023年,11月份的漏洞各个类型数量对比如下图:
图 4 微软近年11月漏洞类型对比
从漏洞数量来看,今年相较去年增多。微软在2023年11月份爆发的漏洞相较于去年增多。本月出现了78个漏洞补丁,并且有3个 Critical 类型的漏洞补丁。
从漏洞的危险等级来看,相较去年“Critical”等级的漏洞数量减少,“Important/High”等级的漏洞数量增多。本月出现了61个“Important/High”等级的漏洞,相较去年增多了约7%;3个“Critical”类型的漏洞,相较去年减少了约75%。
从漏洞类型来看,RCE类型的漏洞数量增多,DoS类型的漏洞数量增加,EoP类型的漏洞数量减少,仍然需要引起高度重视,尤其是RCE漏洞在配合社工手段的前提下,甚至可以直接接管整个局域网并进行进一步扩展攻击。
重要漏洞分析
漏洞分析
Windows DWM 核心库特权提升漏洞 CVE-2023-36033
DWM桌面窗口管理器是自Windows Vista以来Microsoft Windows中的合成窗口管理器,它允许使用硬件加速来呈现 Windows 的图形用户界面。它最初是为了启用部分新的“ Windows Aero ”用户体验而创建的,它允许诸如透明度、3D 窗口切换等效果。
其中存在特权提升漏洞,攻击者可以利用该漏洞在目标系统上获取更高的权限。该漏洞经过评估,危害比较大,我们建议用户及时更新微软安全补丁。
Windows Cloud Files Mini Filter Driver 特权提升漏洞 CVE-2023-36036
Windows Cloud Files Mini Filter Driver被用在OneDrive中。OneDrive是微软公司所推出的网络硬盘及云端服务。用户可以上传他们的文件到网络服务器上,并且透过网络浏览器来浏览那些文件。更可直接编辑和观看 Office 文件。同时推出同步上传软件,可于电脑直接访问和同步文件。另外,OneDrive允许用户透过微软账号来限制不同的用户访问文件,允许用户决定是否将文件公开分享,或是限于通讯录上的人才能访问。
其中存在特权提升漏洞,攻击者可以利用该漏洞在目标系统上获取更高的权限。该漏洞存在在野利用,经过评估,危害比较大,我们建议用户及时更新微软安全补丁。
Windows SmartScreen 安全功能绕过漏洞 CVE-2023-36025
Microsoft SmartScreen 是在包含在许多微软产品中的一款基于云端的反钓鱼反恶意软件的组件,被设计为针对社会工程学、路过式下载等安全风险保护用户。
其中存在安全功能绕过漏洞,攻击者可以利用该漏洞在绕过目标系统上的安全功能,做出规定之外的行为。漏洞存在在野利用,经过评估,危害比较大,我们建议用户及时更新微软安全补丁。
影响范围
漏洞名称、CVE编号 | 受影响版本 |
Windows DWM 核心库特权提升漏洞 CVE-2023-36033 | Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
Windows Cloud Files Mini Filter Driver 特权提升漏洞 CVE-2023-36036 | Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 |
Windows SmartScreen 安全功能绕过漏洞 CVE-2023-36025 | Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
漏洞名称、CVE编号 | 受影响版本 |
Windows DWM 核心库特权提升漏洞 CVE-2023-36033 | Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
Windows Cloud Files Mini Filter Driver 特权提升漏洞 CVE-2023-36036 | Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 |
Windows SmartScreen 安全功能绕过漏洞 CVE-2023-36025 | Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
解决方案
官方修复建议
官方修复建议
微软官方已更新受影响软件的安全补丁,用户可根据不同系统版本下载安装对应的安全补丁,安全更新链接如下:
1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36033
2. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36036
3. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36025
参考链接
https://msrc.microsoft.com/update-guide/releaseNote/2023-Nov
时间轴
2023/11/15
微软例行补丁日,微软官网发布漏洞安全公告。
2023/11/15
深信服千里目安全技术中心发布安全公告。
点击阅读原文,及时关注并登录深信服智安全平台,可轻松查询漏洞相关解决方案。
如有侵权请联系:admin#unsafe.sh