关于Windows Cloud Files Mini Filter Driver权限提升漏洞的预警提示
发布时间:2023-11-30浏览次数:86
一、漏洞详情 Windows Cloud Files Mini Filter Driver主要用于管理和促进云存储文件的操作。它允许Windows与云存储服务同步,使用户能够直接从本地系统访问、修改和管理其云存储文件。 近日,监测到微软修复了Windows Cloud Files Mini Filter Driver权限提升漏洞(CVE-2023-36036)。Windows Cloud Files Mini Filter Driver在处理Reparse point的过程中,进行memcpy时没有检查数据边界,导致攻击者可以构造恶意Reparse point数据,导致越界写入,具有低权限的本地攻击者利用该漏洞可以将权限提升至SYSTEM。 建议受影响用户做好资产自查以及预防工作,以免遭受黑客攻击。 二、影响范围 Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems 三、修复建议 可参考以下链接下载适用于系统的补丁并安装: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36036 |
