• 我的位置:
  • 正规网赌十大娱乐棋牌
  • -
  • 漏洞预警
  • -
  • 操作系统
  • -
    • windows print spooler 远程代码执行漏洞
    • cnnvd编号:未知
    • 危害等级: 高危 
    • cve编号:cve-2021-34527
    • 漏洞类型: 未知
    • 威胁类型:未知
    • 厂       商:未知
    • 漏洞来源:金山毒霸
    • 发布时间:2021-07-05
    • 更新时间:2021-07-05

    漏洞简介

    2021年7月1日,微软发布了windows print spooler远程代码执行漏洞(cve-2021-34527)。日前,该漏洞的exp已在网络上公开。微软官方暂无相关补丁。该exp可以绕过微软6月针对cve-2021-1675的补丁。建议相关用户尽早做好缓解措施,暂时关闭相关的print spooler服务。

     windows print spooler是windows的打印机后台处理程序,广泛的应用于各种内网中,攻击者可以利用该0day漏洞使用一个低权限用户(包括匿名共享guest账户),对本地网络中的电脑发起攻击,控制存在漏洞的电脑。尤其在企业内部,在域环境中,普通域用户,可以通过该服务,攻击域控服务器,从而控制整个网络。

     

    此次泄漏的exp利用难度低,同时该漏洞广泛存在于各个windows版本中。且成功利用该漏洞的攻击者可以完整的控制域环境,攻击可能造成的后果严重,所以该漏洞的利用价值极高。

     

    毒霸安全专家建议相关用户尽快升级系统以修复该漏洞,避免受到黑客攻击。

    漏洞公示

    暂无

    参考网站

    暂无

    受影响实体

    - windows server 2012 r2 (server core installation)

    - windows server 2012 r2

    - windows server 2012 (server core installation)

    - windows server 2012

    - windows server 2008 r2 for x64-based systems service pack 1 (server coreinstallation)

    - windows server 2008 r2 for x64-based systems service pack 1

    - windows server 2008 for x64-based systems service pack 2 (server coreinstallation)

    - windows server 2008 for x64-based systems service pack 2

    - windows server 2008 for 32-bit systems service pack 2 (server coreinstallation)

    - windows server 2008 for 32-bit systems service pack 2

    - windows rt 8.1

    - windows 8.1 for x64-based systems

    - windows 8.1 for 32-bit systems

    - windows 7 for x64-based systems service pack 1

    - windows 7 for 32-bit systems service pack 1

    - windows server 2016  (server coreinstallation)

    - windows server 2016

    - windows 10 version 1607 for x64-based systems

    - windows 10 version 1607 for 32-bit systems

    - windows 10 for x64-based systems

    - windows 10 for 32-bit systems

    - windows server, version 20h2 (server core installation)

    - windows 10 version 20h2 for arm64-based systems

    - windows 10 version 20h2 for 32-bit systems

    - windows 10 version 20h2 for x64-based systems

    - windows server, version 2004 (server core installation)

    - windows 10 version 2004 for x64-based systems

    - windows 10 version 2004 for arm64-based systems

    - windows 10 version 2004 for 32-bit systems

    - windows 10 version 21h1 for 32-bit systems

    - windows 10 version 21h1 for arm64-based systems

    - windows 10 version 21h1 for x64-based systems

    - windows server, version 1909 (server core installation)

    - windows 10 version 1909 for arm64-based systems

    - windows 10 version 1909 for x64-based systems

    - windows 10 version 1909 for 32-bit systems

    - windows server 2019  (server coreinstallation)

    - windows server 2019

    - windows 10 version 1809 for arm64-based systems

    - windows 10 version 1809 for x64-based systems

    - windows 10 version 1809 for 32-bit systems

    补丁

    目前正式补丁尚未发布,相关用户可以通过禁用print spooler服务来缓解漏洞风险。

    临时正规网赌十大娱乐棋牌的解决方案:

    运行service.msc,在服务列表中找到printspooler服务。 



    右键打开服务属性,将服务类型修改为“禁用”,并停止该服务。