发布时间:2021-01-18 15:37:45,来源:深信服、斗象科技、天融信、绿盟科技
近日,微软发布了1月安全更新公告,修复了Microsoft Windows、Microsoft Edge、Office、Visual Studio、SQL Server、ASP .NET等多款产品组件和软件存在的83个漏洞的补丁,其中Microsoft Defender远程代码执行漏洞(CVE-2021-1647)威胁风险较大,目前,微软官方已发现该漏洞存在在野利用。在未授权的情况下,攻击者通过构造恶意文件并利用钓鱼邮件/链接等方式触发该漏洞,从而控制受害者计算机。对此,建议广大用户及时下载并安装修复补丁进行防护,并做好资产自查以及预防工作,以免遭受黑客攻击。
二、 漏洞等级
高危
三、 漏洞描述
Microsoft Defender是微软(Microsoft)公司的一款威胁防护软件。
Microsoft Defender存在远程代码执行漏洞,攻击者通过构造恶意文件,利用钓鱼邮件/链接等方式诱导受害者下载恶意构造的文件,并使Microsoft Defender扫描该恶意文件,产生缓冲区溢出,最终造成远程代码执行。
四、 影响范围
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
五、 安全建议
目前,微软官方已发布安全补丁,建议受影响用户尽快下载更新补丁并安装。
下载地址:https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-1647
六、 参考链接
https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Jan