零日漏洞PrintNightmare曝光:可在Windows后台执行远程代码

安全 漏洞
中国安全公司深信服(Sangfor)近日发现了名为 PrintNightmare 的零日漏洞,允许黑客在补丁完善的 Windows Print Spooler 设备上获得完整的远程代码执行能力,该公司还发布了概念证明代码。

中国安全公司深信服(Sangfor)近日发现了名为 PrintNightmare 的零日漏洞,允许黑客在补丁完善的 Windows Print Spooler 设备上获得完整的远程代码执行能力,该公司还发布了概念证明代码。

 

 

 

在 6 月补丁星期二活动日中,微软发布的安全累积更新中修复了一个类似的 Print Spooler 漏洞。但是对于已经打过补丁的 Windows Server 2019 设备,PrintNightmare 漏洞依然有效,并允许攻击者远程执行代码。

根据概念证明代码显示,黑客只需要一些(甚至是低权限)的网络凭证就可以利用该漏洞进行远程执行,而且这些凭证在暗网上只需要 3 美元就能买到。这意味着企业网络又极易受到(尤其是勒索软件)的攻击,安全研究人员建议企业禁用其 Windows Print Spoolers。

影响版本

  • Windows Server 2019 (Server Core installation)
  • Windows Server 2019
  • Windows Server 2016 (Server Core installation)
  • Windows Server 2016
  • Windows Server 2012 R2 (Server Core installation)
  • Windows Server 2012 R2
  • Windows Server 2012 (Server Core installation)
  • Windows Server 2012
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server, version 2004 (Server Core installation)
  • Windows RT 8.1
  • Windows 8.1 for x64-based systems
  • Windows 8.1 for 32-bit systems
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows 10 Version 1607 for x64-based Systems
  • Windows 10 Version 1607 for 32-bit Systems
  • Windows 10 for x64-based Systems
  • Windows 10 for 32-bit Systems
  • Windows Server, version 20H2 (Server Core Installation)
  • Windows 10 Version 20H2 for ARM64-based Systems
  • Windows 10 Version 20H2 for 32-bit Systems
  • Windows 10 Version 20H2 for x64-based Systems
  • Windows 10 Version 2004 for x64-based Systems
  • Windows 10 Version 2004 for ARM64-based Systems
  • Windows 10 Version 2004 for 32-bit Systems
  • Windows 10 Version 21H1 for 32-bit Systems
  • Windows 10 Version 21H1 for ARM64-based Systems
  • Windows 10 Version 21H1 for x64-based Systems
  • Windows 10 Version 1909 for ARM64-based Systems
  • Windows 10 Version 1909 for x64-based Systems
  • Windows 10 Version 1909 for 32-bit Systems
  • Windows 10 Version 1809 for ARM64-based Systems
  • Windows 10 Version 1809 for x64-based Systems
  • Windows 10 Version 1809 for 32-bit Systems

 

责任编辑:未丽燕 来源: cnBeta.COM
相关推荐

2022-07-14 14:03:17

漏洞安全Windows

2011-08-04 13:53:04

2011-02-16 10:26:08

2021-04-13 16:40:18

0Day漏洞远程代码

2021-07-05 14:28:26

微软漏洞攻击

2015-07-16 17:08:14

零日漏洞远程执行漏洞Hacking Tea

2009-11-13 08:41:46

2017-06-15 17:28:36

2017-06-14 10:02:22

2017-05-11 22:53:49

2024-05-27 09:04:05

2021-01-26 10:00:45

漏洞网络安全网络攻击

2015-03-06 15:31:01

2022-06-06 14:17:15

零日漏洞恶意软件网络攻击

2015-04-22 09:18:25

2021-07-27 11:01:02

Windows

2019-08-26 00:30:48

2021-11-26 15:03:51

Windows零日漏洞恶意软件

2015-02-02 15:29:08

2015-04-18 21:00:11

点赞
收藏

51CTO技术栈公众号