• 产品与解决方案
  • 行业解决方案
  • 服务
  • 支持
  • 合作伙伴
  • 关于我们

微软11月补丁日安全通告

【发布时间:2023-12-13】

新华三盾山实验室

2023/11/15

1. 漏洞综述

1.1 漏洞背景

2023年11月,新华三盾山实验室监测发现Microsoft官方发布了11月安全更新,共发布57个漏洞的补丁信息,主要修复了Windows Server 2022、Microsoft Office、.NET8.0 等产品中的漏洞。在此次更新的补丁中,有17个漏洞被微软标记为严重漏洞,且部分漏洞存在在野利用,由于影响较大,新华三盾山实验室建议广大用户及时做好资产自查以及预防工作,以免遭受黑客攻击。

1.2 重点漏洞

CVE-2023-36017 Windows 脚本引擎内存损坏漏洞

Windows 脚本引擎存在内存损坏漏洞,由于Windows 脚本引擎存在边界错误,恶意攻击者可以通过诱骗用户访问特制的程序或网站,来触发内存损坏,从而在目标系统上执行任意代码。

严重等级:严重 评分:8.8

CVE-2023-36397 Windows Pragmatic General Multicast (PGM) 远程代码执行漏洞

Windows Pragmatic General Multicast (PGM) 存在代码执行漏洞,由于Windows Pragmatic General Multicast (PGM) 对用户的输入验证不足,当Windows消息队列服务运行在PGM Server环境中时,攻击者可以通过网络发送特制文件来实现远程代码执行。

严重等级:严重 评分:9.8

CVE-2023-36025 Windows SmartScreen 安全功能绕过漏洞

Windows SmartScreen存在安全功能绕过漏洞,攻击者能够通过该漏洞绕过 Windows Defender SmartScreen 检查及其相关提示,诱骗用户点击特制的url文件从而在系统上执行任意代码。

严重等级:严重 评分:8.8

CVE-2023-36036 Windows Cloud Files Mini Filter Driver 权限提升漏洞

Windows Cloud Files Mini Filter Driver 存在权限提升漏洞,由于Windows Cloud Files Mini Filter Driver对数据验证不当,拥有低权限的攻击者可利用该漏洞将权限提升至系统权限。

严重等级:高危 评分:7.8

CVE-2023-36439 Microsoft Exchange Server 远程代码执行漏洞

Microsoft Exchange Server存在远程代码执行漏洞,经过身份验证的攻击者可以通过LAN 访问利用此漏洞,从而获得服务器邮箱后端的远程代码执行权限执行任意代码。

严重等级:高危 评分:8.0

CVE-2023-38177 Microsoft SharePoint Server 远程代码执行漏洞

Microsoft SharePoint Server 存在远程代码执行漏洞,由于 Microsoft SharePoint Server 对用户的输入验证不当,经过身份验证的攻击者可以利用该漏洞在 SharePoint Server 中远程执行代码。

严重等级:中危 评分:6.1

CVE-2023-36038 ASP.NET Core 拒绝服务漏洞

ASP.NET Core存在拒绝服务漏洞,未经身份验证的攻击者如果取消对 IIS InProcess 托管模型上运行的 .NET 8 RC 1 的 http 请求,则可利用该漏洞增加线程计数,并且可能会出现 OutOfMemoryException。

严重等级:高危 评分:8.2

2. 影响范围

CVE编号

受影响产品

CVE-2023-36017

Windows 11 Version 23H2 for x64-based Systems

Windows Server 2022, 23H2 Edition (Server Core installation)

Windows 11 Version 23H2 for ARM64-based Systems

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

CVE-2023-36397

CVE-2023-36025

CVE-2023-36036

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows Server 2022, 23H2 Edition (Server Core installation)

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

CVE-2023-36439

Microsoft Exchange Server 2019 Cumulative Update 12

Microsoft Exchange Server 2019 Cumulative Update 13

Microsoft Exchange Server 2016 Cumulative Update 23

CVE-2023-38177

Microsoft SharePoint Server Subscription Edition

Microsoft SharePoint Server 2019

Microsoft SharePoint Enterprise Server 2016

CVE-2023-36038

.NET 8.0

Microsoft Visual Studio 2022 version 17.7

Microsoft Visual Studio 2022 version 17.6

Microsoft Visual Studio 2022 version 17.4

Microsoft Visual Studio 2022 version 17.2

ASP.NET Core 8.0

3. 处置方法

3.1官方补丁

目前,微软官方已经发布针对此漏洞的补丁程序,建议用户通过以下链接尽快安装补丁程序:

https://msrc.microsoft.com/update-guide/releaseNote/2023-Nov

4. 参考链接

https://msrc.microsoft.com/update-guide/releaseNote/2023-Nov

新华三官网
联系我们