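Updated: 2022/12/12 15:56:55
Published: 2022/12/12 15:56:55
TLP:
(White)
May be distributed publicly, provided that copyright law and other relevant regulations are not violated
Update notes:
I. Vulnerability description [1]
A high-risk RCE vulnerability (CVE-2022-41128) exists in Windows Scripting Languages and affects most Windows versions. An attacker who successfully exploits this vulnerability can execute arbitrary code remotely.
II. Publicly disclosed exploit code
Related security news reports state that this vulnerability has been observed being exploited in attacks, and that related PoC code exists. [2][3]
III. Affected platforms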
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016
Windows Server 2019
Windows Server 2022
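IV. CVSS vector: CVE-2022-41128 [1]
Version used: CVSS 3.1
Analysis score: 8.8
Reference source: Microsoft
Recommended measures:
1. The vendor released a fix in the November 2022 regular security updates. It is recommended to assess and then carry out the relevant work in accordance with your organization's existing vulnerability management process.
References:
1. Microsoft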
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41128
2. Google TAG
https://blog.google/threat-analysis-group/internet-explorer-0-day-exploited-by-north-korean-actor-apt37/
3. Google Project Zero
https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2022/CVE-2022-41128.html
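Affected platform:
Microsoft Windows
Intelligence ID:
FISAC-ANA-202212-0021
System category:
Security vulnerability
Security category:
Security information intelligence / Vulnerability information
Impact level:
3
Keywords:
Vulnerabilities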