零日漏洞PrintNightmare曝光:可在Windows後台執行遠程代碼
中國安全公司深信服(Sangfor)近日發現了名為PrintNightmare的零日漏洞,允許黑客在補丁完善的Windows Print Spooler設備上獲得完整的遠程代碼執行能力,該公司還發布了概念證明代碼。
在6月補丁星期二活動日中,微軟發布的安全累積更新中修復了一個類似的Print Spooler漏洞。但是對於已經打過補丁的Windows Server 2019設備,PrintNightmare漏洞依然有效,並允許攻擊者遠程執行代碼。
根據概念證明代碼顯示,黑客只需要一些(甚至是低權限)的網絡憑證就可以利用該漏洞進行遠程執行,而且這些憑證在暗網上只需要3 美元就能買到。這意味著企業網絡又極易受到(尤其是勒索軟件)的攻擊,安全研究人員建議企業禁用其Windows Print Spoolers。
影響版本
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server, version 2004 (Server Core installation)
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems