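I. Vulnerability Overview
On May 15, NSFOCUS CERT observed that Microsoft had released its May security updates, fixing 60 security issues in widely used products including Microsoft Office Excel, .NET and Visual Studio, Windows Win32K, Microsoft Office SharePoint, and Windows Hyper-V. The fixes cover high-risk vulnerability types such as elevation of privilege and remote code execution.
Of the vulnerabilities fixed in this month's update, 1 is rated Critical and 57 are rated Important, including 1 zero-day vulnerability:
Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051)
Affected users should apply the patches as soon as possible. See the appendix for the complete list of vulnerabilities.
Reference link: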
https://msrc.microsoft.com/update-guide/releaseNote/2024-May
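II. Key Vulnerabilities
The following vulnerabilities in this update were selected for their wider impact, based on product popularity and vulnerability severity. Affected users should pay particular attention to them:
Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30051):
A heap overflow exists in the Windows DWM Core Library. An attacker with standard user privileges can exploit it by running a specially crafted program to hijack the related shared memory, control memory contents, and achieve capabilities such as arbitrary function calls, thereby elevating privileges to SYSTEM. The vulnerability has been publicly disclosed and exploited in the wild. The CVSS score is 7.8.
The Desktop Window Manager (DWM) is a Windows service introduced in Windows Vista that lets the operating system use hardware acceleration when rendering graphical user interface elements such as glass window frames and 3D transition animations.
Official advisory link: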
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30051
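Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040):
Due to improper input validation in the Windows MSHTML platform, an unauthenticated attacker can bypass the OLE mitigations in Microsoft 365 and Microsoft Office by tricking a victim into opening or loading a specially crafted file, and execute arbitrary code on the target system. This vulnerability has been exploited in the wild. The CVSS score is 8.2.
Official advisory link: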
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30040
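Microsoft SharePoint Server Remote Code Execution Vulnerability (CVE-2024-30044):
Due to deserialization of untrusted data in Microsoft SharePoint Server, an attacker with Site Owner permissions or higher can upload a specially crafted file to the target SharePoint Server and craft specific API requests that trigger deserialization of the file's parameters, resulting in remote execution of arbitrary code in the context of the SharePoint Server. The CVSS score is 8.8.
Official advisory link: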
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-30044
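Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2024-29996/CVE-2024-30025/CVE-2024-30037):
Multiple out-of-bounds read vulnerabilities exist in the Windows Common Log File System driver. An attacker with standard user privileges can exploit them by running a specially crafted program to gain SYSTEM privileges on the target system.
Official advisory links: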
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29996
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30025
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30037
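Win32k Elevation of Privilege Vulnerability (CVE-2024-30038/CVE-2024-30049):
CVE-2024-30038: A buffer overflow exists in the Win32k.sys driver. An attacker with standard user privileges can exploit it by running a specially crafted program to elevate privileges to SYSTEM.
CVE-2024-30049: A use-after-free vulnerability exists in Windows Win32k. An attacker with standard user privileges can exploit it by running a specially crafted program to gain SYSTEM privileges on the target system.
Official advisory links: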
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30038
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049
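Windows DWM Core Library Elevation of Privilege Vulnerability (CVE-2024-30032/CVE-2024-30035):
A use-after-free vulnerability exists in the Windows DWM Core Library. An attacker with standard user privileges can exploit it by running a specially crafted program to gain SYSTEM privileges on the target system.
Official advisory links: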
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30032
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30035
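III. Scope of Impact
The table below lists the affected product versions for some of the key vulnerabilities. For the products affected by the other vulnerabilities, refer to the official advisory links.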
CVE ID | Affected Product Versions |
CVE-2024-30051 | Windows 10 for 32-bit Systems; Windows 10 for x64-based Systems; Windows 10 Version 1607 for 32-bit Systems; Windows 10 Version 1607 for x64-based Systems; Windows 10 Version 1809 for 32-bit Systems; Windows 10 Version 1809 for ARM64-based Systems; Windows 10 Version 1809 for x64-based Systems; Windows 10 Version 21H2 for 32-bit Systems; Windows 10 Version 21H2 for ARM64-based Systems; Windows 10 Version 21H2 for x64-based Systems; Windows 10 Version 22H2 for 32-bit Systems; Windows 10 Version 22H2 for ARM64-based Systems; Windows 10 Version 22H2 for x64-based Systems; Windows 11 version 21H2 for ARM64-based Systems; Windows 11 version 21H2 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 11 Version 22H2 for x64-based Systems; Windows 11 Version 23H2 for ARM64-based Systems; Windows 11 Version 23H2 for x64-based Systems; Windows Server 2016; Windows Server 2016 (Server Core installation); Windows Server 2019; Windows Server 2019 (Server Core installation); Windows Server 2022; Windows Server 2022 (Server Core installation) |
CVE-2024-30040 | Windows 10 Version 1607 for 32-bit Systems; Windows 10 for x64-based Systems; Windows 10 for 32-bit Systems; Windows Server 2022, 23H2 Edition (Server Core installation); Windows 11 Version 23H2 for x64-based Systems; Windows 11 Version 23H2 for ARM64-based Systems; Windows 10 Version 22H2 for 32-bit Systems; Windows 10 Version 22H2 for ARM64-based Systems; Windows 10 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 10 Version 21H2 for x64-based Systems; Windows 10 Version 21H2 for ARM64-based Systems; Windows 10 Version 21H2 for 32-bit Systems; Windows 11 version 21H2 for ARM64-based Systems; Windows 11 version 21H2 for x64-based Systems; Windows Server 2022 (Server Core installation); Windows Server 2022; Windows Server 2019 (Server Core installation); Windows Server 2019; Windows 10 Version 1809 for ARM64-based Systems; Windows 10 Version 1809 for x64-based Systems; Windows 10 Version 1809 for 32-bit Systems; Windows Server 2016 (Server Core installation); Windows Server 2016; Windows 10 Version 1607 for x64-based Systems |
CVE-2024-30044 | Microsoft SharePoint Server Subscription Edition; Microsoft SharePoint Server 2019; Microsoft SharePoint Enterprise Server 2016 |
CVE-2024-30025, CVE-2024-30037 | Windows Server 2012 R2 (Server Core installation); Windows Server 2012 R2; Windows Server 2012 (Server Core installation); Windows Server 2012; Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation); Windows Server 2008 R2 for x64-based Systems Service Pack 1; Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation); Windows Server 2008 for x64-based Systems Service Pack 2; Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation); Windows Server 2008 for 32-bit Systems Service Pack 2; Windows Server 2016 (Server Core installation); Windows Server 2016; Windows 10 Version 1607 for x64-based Systems; Windows 10 Version 1607 for 32-bit Systems; Windows 10 for x64-based Systems; Windows 10 for 32-bit Systems; Windows Server 2022, 23H2 Edition (Server Core installation); Windows 11 Version 23H2 for x64-based Systems; Windows 11 Version 23H2 for ARM64-based Systems; Windows 10 Version 22H2 for 32-bit Systems; Windows 10 Version 22H2 for ARM64-based Systems; Windows 10 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 10 Version 21H2 for x64-based Systems; Windows 10 Version 21H2 for ARM64-based Systems; Windows 10 Version 21H2 for 32-bit Systems; Windows 11 version 21H2 for ARM64-based Systems; Windows 11 version 21H2 for x64-based Systems; Windows Server 2022 (Server Core installation) |
CVE-2024-29996, CVE-2024-30038 | Windows Server 2012 R2 (Server Core installation); Windows Server 2012 R2; Windows Server 2012 (Server Core installation); Windows Server 2012; Windows Server 2016 (Server Core installation); Windows Server 2016; Windows 10 Version 1607 for x64-based Systems; Windows 10 Version 1607 for 32-bit Systems; Windows 10 for x64-based Systems; Windows 10 for 32-bit Systems; Windows Server 2022, 23H2 Edition (Server Core installation); Windows 11 Version 23H2 for x64-based Systems; Windows 11 Version 23H2 for ARM64-based Systems; Windows 10 Version 22H2 for 32-bit Systems; Windows 10 Version 22H2 for ARM64-based Systems; Windows 10 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 10 Version 21H2 for x64-based Systems; Windows 10 Version 21H2 for ARM64-based Systems; Windows 10 Version 21H2 for 32-bit Systems; Windows 11 version 21H2 for ARM64-based Systems; Windows 11 version 21H2 for x64-based Systems; Windows Server 2022 (Server Core installation); Windows Server 2022; Windows Server 2019 (Server Core installation); Windows Server 2019; Windows 10 Version 1809 for ARM64-based Systems; Windows 10 Version 1809 for x64-based Systems; Windows 10 Version 1809 for 32-bit Systems |
CVE-2024-30049 | Windows 11 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 10 Version 21H2 for x64-based Systems; Windows 10 Version 21H2 for ARM64-based Systems; Windows 10 Version 21H2 for 32-bit Systems; Windows 11 version 21H2 for ARM64-based Systems; Windows 11 version 21H2 for x64-based Systems; Windows Server 2022 (Server Core installation); Windows Server 2022; Windows Server 2019 (Server Core installation); Windows Server 2019; Windows 10 Version 1809 for ARM64-based Systems; Windows 10 Version 1809 for x64-based Systems; Windows 10 Version 1809 for 32-bit Systems; Windows Server 2012 R2 (Server Core installation); Windows Server 2012 R2; Windows Server 2012 (Server Core installation); Windows Server 2012; Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation); Windows Server 2008 R2 for x64-based Systems Service Pack 1; Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation); Windows Server 2008 for x64-based Systems Service Pack 2; Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation); Windows Server 2008 for 32-bit Systems Service Pack 2; Windows Server 2016 (Server Core installation); Windows Server 2016; Windows 10 Version 1607 for x64-based Systems; Windows 10 Version 1607 for 32-bit Systems; Windows 10 for x64-based Systems; Windows 10 for 32-bit Systems |
CVE-2024-30032 | Windows Server 2016 (Server Core installation); Windows Server 2016; Windows 10 Version 1607 for x64-based Systems; Windows 10 Version 1607 for 32-bit Systems; Windows 10 for x64-based Systems; Windows 10 for 32-bit Systems; Windows Server 2022, 23H2 Edition (Server Core installation); Windows 11 Version 23H2 for x64-based Systems; Windows 11 Version 23H2 for ARM64-based Systems; Windows 10 Version 22H2 for 32-bit Systems; Windows 10 Version 22H2 for ARM64-based Systems; Windows 10 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 10 Version 21H2 for x64-based Systems; Windows 10 Version 21H2 for ARM64-based Systems; Windows 10 Version 21H2 for 32-bit Systems; Windows 11 version 21H2 for ARM64-based Systems; Windows 11 version 21H2 for x64-based Systems; Windows Server 2022 (Server Core installation); Windows Server 2022; Windows Server 2019 (Server Core installation); Windows Server 2019; Windows 10 Version 1809 for ARM64-based Systems; Windows 10 Version 1809 for x64-based Systems; Windows 10 Version 1809 for 32-bit Systems |
CVE-2024-30035 | Windows Server 2022, 23H2 Edition (Server Core installation); Windows 11 Version 23H2 for x64-based Systems; Windows 11 Version 23H2 for ARM64-based Systems; Windows 10 Version 22H2 for 32-bit Systems; Windows 10 Version 22H2 for ARM64-based Systems; Windows 10 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for x64-based Systems; Windows 11 Version 22H2 for ARM64-based Systems; Windows 10 Version 21H2 for x64-based Systems; Windows 10 Version 21H2 for ARM64-based Systems; Windows 10 Version 21H2 for 32-bit Systems; Windows 11 version 21H2 for ARM64-based Systems; Windows 11 version 21H2 for x64-based Systems; Windows Server 2022 (Server Core installation); Windows Server 2022; Windows Server 2019 (Server Core installation); Windows Server 2019; Windows 10 Version 1809 for ARM64-based Systems; Windows 10 Version 1809 for x64-based Systems; Windows 10 Version 1809 for 32-bit Systems |
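IV. Mitigation
- Patch updates
Microsoft has released security patches that fix the above vulnerabilities for supported product versions. Affected users are strongly advised to install them as soon as possible. Official download link: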
https://msrc.microsoft.com/update-guide/releaseNote/2024-May
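Note: Windows Update patch installation may fail because of network problems, the computer's environment, or other causes. After installing the patches, users should promptly check that they were applied successfully.
Right-click the Windows icon and choose "Settings (N)", then "Update & Security" > "Windows Update", and review the messages on that page. You can also click "View update history" to see past updates.
For an update that did not install successfully, click the update's name to go to Microsoft's official download page. We recommend following the link on that page to the "Microsoft Update Catalog" site to download and install the standalone package.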
Appendix: Vulnerability List
Affected Product | CVE ID | Vulnerability Title | Severity |
Microsoft Office | CVE-2024-30044 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical |
Windows | CVE-2024-29996 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-29997 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-29998 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-29999 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30000 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30001 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30002 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30003 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30004 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30005 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30006 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30007 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30008 | Windows DWM Core Library Information Disclosure Vulnerability | Important |
Windows | CVE-2024-30009 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30010 | Windows Hyper-V Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30011 | Windows Hyper-V Denial of Service Vulnerability | Important |
Windows | CVE-2024-30012 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30014 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30015 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30016 | Windows Cryptographic Services Information Disclosure Vulnerability | Important |
Windows | CVE-2024-30017 | Windows Hyper-V Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30018 | Windows Kernel Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30019 | DHCP Server Service Denial of Service Vulnerability | Important |
Windows | CVE-2024-30020 | Windows Cryptographic Services Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30021 | Windows Mobile Broadband Driver Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30022 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30023 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
Azure | CVE-2024-30053 | Azure Migrate Cross-site Scripting Vulnerability | Important |
Apps | CVE-2024-30059 | Microsoft Intune for Android Mobile Application Management Tampering Vulnerability | Important |
Windows | CVE-2024-26238 | Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-29994 | Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30024 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30025 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30027 | NTFS Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30028 | Win32k Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30029 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
Windows | CVE-2024-30030 | Win32k Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30031 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30032 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30033 | Windows Search Service Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30034 | Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability | Important |
Windows | CVE-2024-30035 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30036 | Windows Deployment Services Information Disclosure Vulnerability | Important |
Windows | CVE-2024-30037 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30038 | Win32k Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30039 | Windows Remote Access Connection Manager Information Disclosure Vulnerability | Important |
Windows | CVE-2024-30040 | Windows MSHTML Platform Security Feature Bypass Vulnerability | Important |
Apps | CVE-2024-30041 | Microsoft Bing Search Spoofing Vulnerability | Important |
Microsoft Office | CVE-2024-30042 | Microsoft Excel Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2024-30043 | Microsoft SharePoint Server Information Disclosure Vulnerability | Important |
Microsoft Visual Studio,.NET | CVE-2024-30045 | .NET and Visual Studio Remote Code Execution Vulnerability | Important |
Microsoft Visual Studio | CVE-2024-30046 | Visual Studio Denial of Service Vulnerability | Important |
Microsoft Dynamics | CVE-2024-30047 | Dynamics 365 Customer Insights Spoofing Vulnerability | Important |
Microsoft Dynamics | CVE-2024-30048 | Dynamics 365 Customer Insights Spoofing Vulnerability | Important |
Windows | CVE-2024-30049 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability | Important |
Windows | CVE-2024-30051 | Windows DWM Core Library Elevation of Privilege Vulnerability | Important |
PowerBI-client JS SDK | CVE-2024-30054 | Microsoft Power BI Client JavaScript SDK Information Disclosure Vulnerability | Important |
Windows | CVE-2024-30050 | Windows Mark of the Web Security Feature Bypass Vulnerability | Moderate |
Microsoft Edge (Chromium-based) | CVE-2024-30055 | Microsoft Edge (Chromium-based) Spoofing Vulnerability | Low |
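Statement
This security advisory is intended only to describe possible security issues. NSFOCUS provides no guarantee or commitment regarding this advisory. Any direct or indirect consequences or losses caused by distributing or using the information in this advisory are the sole responsibility of the user; NSFOCUS and the advisory's authors accept no liability.
NSFOCUS reserves the right to modify and interpret this security advisory. Anyone reproducing or distributing this advisory must preserve it in full, including the copyright statement. Without NSFOCUS's permission, the content of this advisory may not be modified, added to, or cut, and may not be used for commercial purposes in any way.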