1.漏洞公告
近日,微软官方发布了6月安全更新公告,包含了微软家族多个软件的安全更新补丁,包括:Windows操作系统、.Net Core、Office、Visual Studio、Microsoft Office、Hyper-V。其中严重漏洞5个,高危漏洞45个。请相关用户及时更新对应补丁修复漏洞。相关链接参考:。
根据公告,此次更新中修复的MSHTML平台远程代码执行漏洞和多个权限提升漏洞已发现在野利用,风险较大,建议尽快安装安全更新补丁或采取临时缓解措施加固系统。
2.影响范围
CVE-2021-33742Windows MSHTML平台远程代码执行漏洞:
影响范围:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
Windows Server 2019
CVE-2021-33739 Microsoft DWM 核心库权限提升漏洞:
影响范围:
Microsoft Malware Protection Engine
CVE-2021-31956 Windows NTFS 特权提升漏洞:
影响范围:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
CVE-2021-31955 Windows 内核信息泄露漏洞:
影响范围:
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
CVE-2021-31201 Microsoft Enhanced Cryptographic Provider 特权提升漏洞:
影响范围:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
CVE-2021-31199 Microsoft Enhanced Cryptographic Provider 特权提升漏洞:
影响范围:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
6月安全公告列表,包含的其他漏洞(非全部)快速阅读指引:
CVE-2021-26414|Windows DCOM 服务器安全功能绕过
CVE-2021-31199|Microsoft Enhanced Cryptographic Provider 特权提升漏洞
CVE-2021-31201|Microsoft Enhanced Cryptographic Provider 特权提升漏洞
CVE-2021-31938|Microsoft VsCode Kubernetes 工具扩展特权提升漏洞
CVE-2021-31939|Microsoft Excel 远程执行代码漏洞
CVE-2021-31940|Microsoft Office 图形远程执行代码漏洞
CVE-2021-31941|Microsoft Office 图形远程执行代码漏洞
CVE-2021-31942|3D Viewer 远程执行代码漏洞
CVE-2021-31943|3D Viewer 远程执行代码漏洞
CVE-2021-31944|3D Viewer信息泄露漏洞
CVE-2021-31945|Paint 3D 远程执行代码漏洞
CVE-2021-31946|Paint 3D 远程执行代码漏洞
CVE-2021-31949|Microsoft Outlook 远程代码执行漏洞
CVE-2021-31955|Windows 内核信息泄露漏洞
CVE-2021-31956|Windows NTFS 特权提升漏洞
CVE-2021-31958|Windows NTLM 特权提升漏洞
CVE-2021-31959|脚本引擎内存损坏漏洞
CVE-2021-31960|Windows 绑定筛选器驱动程序信息泄露漏洞
CVE-2021-31962|Kerberos AppContainer 安全功能绕过漏洞
CVE-2021-31965|Microsoft SharePoint Server 信息泄露漏洞
CVE-2021-31967|VP9 Video 扩展程序远程执行代码漏洞
CVE-2021-31971|Windows HTML 平台安全功能绕过漏洞
CVE-2021-31972|Windows 事件跟踪信息泄露漏洞
CVE-2021-31975|NFS 服务器信息泄露漏洞
CVE-2021-31976|NFS 服务器信息泄露漏洞
CVE-2021-31977|Windows Hyper-V 拒绝服务漏洞
CVE-2021-31978|Microsoft Defender 拒绝服务漏洞
CVE-2021-31980|Microsoft Intune 管理扩展远程执行代码漏洞
CVE-2021-31983|Paint 3D 远程执行代码漏洞
CVE-2021-31985|Microsoft Defender 远程代码执行漏洞
CVE-2021-33739|Microsoft DWM 核心库权限提升漏洞
CVE-2021-33741|基于 Chromium 的 Microsoft Edge 特权提升漏洞
CVE-2021-33742|Windows MSHTML平台远程代码执行漏洞
3.漏洞描述
CVE-2021-33742:Windows MSHTML平台远程代码执行漏洞,该漏洞影响所有受支持的Microsoft Windows版本,攻击者可通过构造恶意的网页诱使用户访问,当受害者访问恶意页面时可触发该漏洞,成功利用该漏洞可导致攻击者控制受害者主机。
CVE-2021-33739:Microsoft DWM核心库提权漏洞,攻击者通过构造恶意的程序诱使用户执行,利用该漏洞攻击者可绕过Defender的防护策略,成功利用可导致用户主机被攻击者控制。
CVE-2021-31956:Windows NTFS提权漏洞,攻击者可利用该漏洞实现本地权限提升。
CVE-2021-31955:Windows内核信息泄露漏洞,攻击者利用该漏洞可从用户模式进程读取内核内存的内容,在一定条件下可导致内心信息泄漏。
CVE-2021-31201、CVE-2021-31199:Microsoft Enhanced Cryptographic Provider特权提升漏洞,攻击者利用该漏洞可实现本地权限提升,可于Adobe Reader CVE-2021-28550漏洞组合进行远程利用。
4.缓解措施
高危:目前部分漏洞细节虽未公开,但是恶意攻击者可以通过补丁对比方式分析出漏洞触发点,并进一步开发漏洞利用代码,建议及时测试安全更新补丁并应用安装和完善威胁识别、漏洞缓解措施。
目前微软针对支持的产品已发布升级补丁修复了上述漏洞,请用户参考官方通告及时下载更新补丁。
补丁获取:。