尊敬的棉花云用戶，您好！

       互聯網安全運營中心監(jiān)測到， 微軟發(fā)布了2023年2月的例行安全更新公告，共涉及漏洞數75個，嚴重漏洞9個。本次發(fā)布涉及 Microsoft Protected Extensible Authentication Protocol (PEAP) 、Windows iSCSI Discovery Service、Microsoft Office 和 Office 組件、微軟 SQL Server、Microsoft Graphics Component、.NET 核心、.NET框架和 Visual Studio 等產品和相關組件的安全更新。

為避免您的業(yè)務受影響，棉花云安全建議您及時開展安全自查，如在受影響范圍，請您及時進行更新修復，避免被外部攻擊者入侵。

漏洞詳情

在此次公告中以下漏洞微軟用戶可重點關注：

Microsoft Protected Extensible Authentication Protocol (PEAP)遠程代碼執(zhí)行漏洞（CVE-2023-21692、CVE-2023-21690、CVE-2023-21689）：

該漏洞CVSSv3評分9.8。其中 CVE-2023-21690 和 CVE-2023-21692 是通過發(fā)送特制的PEAP惡意數據包進行的利用，而 CVE-2023-21689 通過網絡調用在服務器上執(zhí)行任意代碼。該漏洞被官方標記為被利用可能性較大。

Windows iSCSI Discovery Service遠程代碼執(zhí)行漏洞（CVE-2023-21803）：

該漏洞CVSSv3評分9.8。該漏洞通過向運行 iSCSI Discovery Service 的 Windows 主機發(fā)送惡意的 DHCP 發(fā)現請求來利用此漏洞，成功利用可導致攻擊者遠程執(zhí)行代碼。該漏洞僅影響 32 位版本的Windows，并且僅在 iSCSI Initiator 客戶端應用程序正在運行時才能利用此漏洞。在默認情況下 iSCSI Initiator 客戶端應用程序不被啟用。

Microsoft Exchange Server 遠程代碼執(zhí)行漏洞（CVE-2023-21529、CVE-2023-21706、CVE-2023-21707）：

該漏洞CVSSv3評分8.8。該漏洞允許任何有權限訪問 Exchange PowerShell 后端的用戶執(zhí)行任意代碼，從而接管 Exchange 服務器。該漏洞被官方標記為利用可能性極大。

Windows Common Log File System Driver 特權提升漏洞（CVE-2023-23376）：

該漏洞CVSSv3評分7.8。低權限攻擊者可利用該漏洞在目標系統(tǒng)獲取 SYSTEM 權限。目前該漏洞被官方標記為已發(fā)現在野利用。

風險等級

高風險

漏洞風險

攻擊者利用該漏洞可導致遠程代碼執(zhí)行等危害

影響版本

CVE-2023-21692、CVE-2023-21690、CVE-2023-21689：

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

CVE-2023-21803：

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for 32-bit Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 1809 for 32-bit Systems

CVE-2023-21529、CVE-2023-21706、CVE-2023-21707：

Microsoft Exchange Server 2016 Cumulative Update 23

Microsoft Exchange Server 2013 Cumulative Update 23

Microsoft Exchange Server 2019 Cumulative Update 11

Microsoft Exchange Server 2019 Cumulative Update 12

CVE-2023-23376：

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

安全版本

微軟2023年2月最新補丁

修復建議

官方已發(fā)布漏洞補丁及修復版本，請評估業(yè)務是否受影響后，酌情升級至安全版本

【備注】：建議您在升級前做好數據備份工作，避免出現意外

漏洞參考

https://msrc.microsoft.com/update-guide/releaseNote/2023-Feb 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21692 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21690 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21689 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21803 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21529 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21706 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21707 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23376 

棉花云