时时博在线娱乐城-百家乐代理 -禁毒法规定娱乐场所应当建立什么制度?

網(wǎng)絡(luò)安全

關(guān)于Windows HTTP.sys權(quán)限提升漏洞(CVE-2023-23410)的預(yù)警提示

2023-06-05

一、漏洞詳情

HTTP.sys是Microsoft Windows處理HTTP請(qǐng)求的內(nèi)核驅(qū)動(dòng)程序。

近日,監(jiān)測(cè)到Windows HTTP.sys權(quán)限提升漏洞(CVE-2023-23410)。Windows HTTP.sys中存在整數(shù)溢出漏洞,由于對(duì)ServiceName的原始輸入長(zhǎng)度校驗(yàn)錯(cuò)誤,可以通過(guò)構(gòu)造惡意內(nèi)容來(lái)觸發(fā)該漏洞,成功利用可能導(dǎo)致權(quán)限提升或拒絕服務(wù)。

建議受影響用戶(hù)做好資產(chǎn)自查以及預(yù)防工作,以免遭受黑客攻擊。

二、影響范圍

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

三、修復(fù)建議

目前微軟已經(jīng)發(fā)布了該漏洞的補(bǔ)丁,受影響用戶(hù)可及時(shí)安裝。

下載鏈接:https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23410