΢Èí¶à¸öÇå¾²Îó²îͨ¸æ

Ðû²¼Ê±¼ä 2020-08-12

0x00 Îó²î¸ÅÊö



΢ÈíÓÚÖܶþÐû²¼ÁË8ÔÂÇå¾²¸üв¹¶¡£¡£¡£¡£¡£¬ £¬£¬£¬ÐÞ¸´ÁË°üÀ¨2¸ö0dayÔÚÄÚµÄ120¸öÎó²î£¬ £¬£¬£¬Éæ¼°Internet Explorer£¨IE£©¡¢Office¡¢Microsoft Edge¡¢Windows MediaµÈÖÚ¶à×é¼þºÍÈí¼þ¡£¡£¡£¡£¡£ÖµµÃ×¢ÖصÄÊÇ£¬ £¬£¬£¬WindowsÓÕÆ­Îó²î£¨CVE-2020-1464£©ºÍIE¾ç±¾ÒýÇæÄÚ´æÆÆËðÎó²î£¨CVE-2020-1380£©Òѱ»¼ì²âµ½ÔÚҰʹÓ㬠£¬£¬£¬±ðµÄÉÐÓÐËĸöÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2020-1585¡¢CVE-2020-1568¡¢CVE-2020-1567¡¢CVE-2020-1570£©ºÍÈý¸öȨÏÞÌáÉýÎó²î£¨CVE-2020-1472¡¢CVE-2020-1480¡¢CVE-2020-1529£©£¬ £¬£¬£¬ÐèÒªÖصã¹Ø×¢£¬ £¬£¬£¬Ïê¼û±í¸ñ£º



²úÆ·

CVE ID

Àà ÐÍ

Îó²îÆ·¼¶

Ô¶³ÌʹÓÃ

Windows

CVE-2020-1464

Spoofing

¸ßΣ

ÊÇ

Internet Explorer

CVE-2020-1380

RCE

ÑÏÖØ

ÊÇ

Windows

CVE-2020-1472

EOP

ÑÏÖØ

·ñ

Windows

CVE-2020-1585

RCE

ÑÏÖØ

ÊÇ

Microsoft Edge

CVE-2020-1568

RCE

ÑÏÖØ

ÊÇ

Internet Explorer

CVE-2020-1567

RCE

ÑÏÖØ

ÊÇ

Internet Explorer

CVE-2020-1570

RCE

ÑÏÖØ

ÊÇ

Windows

CVE-2020-1480

EOP

¸ßΣ

·ñ

Windows

CVE-2020-1529

EOP

¸ßΣ

·ñ


0x01 Îó²îÏêÇé


¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨



WindowsÓÕÆ­Îó²î£¨CVE-2020-1464£©

WindowsÔÚÑéÖ¤ÊðÃûʱ£¬ £¬£¬£¬±£´æÒ»¸öÓÕÆ­Îó²î¡£¡£¡£¡£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÈƹýÇå¾²ÌØÕ÷£¬ £¬£¬£¬´Ó¶ø¼ÓÔعýʧÊðÃûµÄÎļþ¡£¡£¡£¡£¡£

IE¾ç±¾ÒýÇæÄÚ´æËð»µÎó²î£¨CVE-2020-1380£©

IE¾ç±¾ÒýÇæÔÚ´¦Öóͷ£ÄÚ´æÖеŤ¾ßʱ£¬ £¬£¬£¬±£´æÒ»¸öÔ¶³Ì´úÂëÖ´ÐÐÎó²î¡£¡£¡£¡£¡£¹¥»÷Õß¿Éͨ¹ýÓÕµ¼Óû§»á¼ûÌØÖÆÍøÕ¾»òͨ¹ýÓÕµ¼Óû§·­¿ªÇ¶Èë±ê¼ÇΪ¡°³õʼ»¯Çå¾²¡±µÄActiveX¿Ø¼þµÄÓ¦ÓóÌÐò»òMicrosoft OfficeÎĵµµÈ·½·¨À´Ê¹ÓôËÎó²î£¬ £¬£¬£¬±ðµÄ£¬ £¬£¬£¬¹¥»÷Õß»¹¿ÉÒÔͨ¹ý¹¥»÷ųÈõÍøÕ¾¡¢ÏòÄÚÈÝ»ò¹ã¸æЧÀÍÌṩÉÌÌí¼ÓÌØÖÆÄÚÈÝÀ´Ê¹ÓôËÎó²î£¬ £¬£¬£¬¸ÃÎó²îµ¼Ö¿ÉÒÔÔÚÄ¿½ñÓû§µÄÉÏÏÂÎÄÖÐÖ´ÐÐí§Òâ´úÂëµÄ·½·¨Ëð»µÄÚ´æ¡£¡£¡£¡£¡£

NetLogonȨÏÞÌáÉýÎó²î£¨CVE-2020-1472£©

NetLogonÖб£´æÒ»¸öȨÏÞÌáÉýÎó²î¡£¡£¡£¡£¡£Î´¾­Éí·ÝÈÏÖ¤µÄ¹¥»÷Õß¿Éͨ¹ýʹÓÃNetlogonÔ¶³ÌЭÒ飨MS-NRPC£©ÅþÁ¬Óò¿ØÖÆÆ÷À´Ê¹ÓôËÎó²î¡£¡£¡£¡£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿É»ñµÃÓòÖÎÀíÔ±»á¼ûȨÏÞ¡£¡£¡£¡£¡£

Windows±àÂë½âÂë¿âÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2020-1585£©

µ± Microsoft Windows Codecs ¿â´¦Öóͷ£ÄÚ´æÖеŤ¾ßʱ£¬ £¬£¬£¬±£´æÔ¶³ÌÖ´ÐдúÂëÎó²î¡£¡£¡£¡£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔ¿ØÖÆÊÜÓ°ÏìµÄϵͳ¡£¡£¡£¡£¡£

Microsoft Edge PDFÔ¶³ÌÖ´ÐдúÂëÎó²î£¨CVE-2020-1568£©

Microsoft Edge PDF ÔĶÁÆ÷ÔÚ´¦Öóͷ£ÄÚ´æÖеŤ¾ßʱ£¬ £¬£¬£¬±£´æÔ¶³ÌÖ´ÐдúÂëÎó²î¡£¡£¡£¡£¡£Ô¶³Ì¹¥»÷Õßͨ¹ý½á¹¹°üÀ¨¶ñÒâÄÚÈݵÄPDFÒ³Ã棬 £¬£¬£¬²¢ÓÕʹÓû§Ê¹ÓÃEdgeä¯ÀÀÆ÷·­¿ª£¬ £¬£¬£¬ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÔÚÊÜÓ°ÏìµÄϵͳÉÏÒÔÏàͬµÄÓû§È¨ÏÞÖ´ÐÐí§Òâ´úÂë¡£¡£¡£¡£¡£

MSHTMLÒýÇæÔ¶³ÌÖ´ÐдúÂëÎó²î£¨CVE-2020-1567£©

¸ÃÎó²î±£´æÓÚMSHTMLÖеÄVBScriptÖУ¬ £¬£¬£¬ÓÉÓÚ¶ÔVBScriptµÄÒ»¸ö»Øµ÷»áɾ³ý¹¤¾ß£¬ £¬£¬£¬¶ø¶Ô¸Ã¿é¿Õ¼äµÄÒýÓÃÈÔÈ»±£±£´æ¿ÍÕ»ÖУ¬ £¬£¬£¬ÈôÊÇŲÓøÃÒýÓ㬠£¬£¬£¬Ôò»á´¥·¢UAF£¬ £¬£¬£¬×îÖÕ¿ÉÒÔÔì³ÉÔ¶³Ì´úÂëÖ´ÐС£¡£¡£¡£¡£

IE¾ç±¾ÒýÇæÄÚ´æËð»µÎó²î£¨CVE-2020-1570£©

¸ÃÎó²îÔ´ÓÚjavascriptδ³õʼ»¯¿ÍÕ»Äڴ棬 £¬£¬£¬var¹¤¾ßͨ¹ýGetValueÀ´¾ÙÐгõʼ»¯£¬ £¬£¬£¬ÈôÊǵڶþ¸ö²ÎÊýΪ¹¤¾ß£¬ £¬£¬£¬ÔòGetValueÖ»³õʼ»¯µÚÈý¸ö²ÎÊýÖµ£¬ £¬£¬£¬Ôì³ÉµÚ¶þ¸ö²ÎÊýδ³õʼ»¯£¬ £¬£¬£¬×îÖÕµ¼ÖÂÔ¶³Ì´úÂëÖ´ÐС£¡£¡£¡£¡£

Windows GDI ȨÏÞÌáÉýÎó²î£¨CVE-2020-1480/CVE-2020-1529£©

Windows ͼÐÎ×°±¸½Ó¿Ú (GDI) ´¦Öóͷ£ÄÚ´æÖеŤ¾ßµÄ·½·¨Öб£´æÌØȨÌáÉýÎó²î¡£¡£¡£¡£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔÔÚÄÚºËģʽÏÂÖ´ÐÐí§Òâ´úÂë¡£¡£¡£¡£¡£


0x02 Ó°Ïì¹æÄ£



Îó²î±àºÅ

ÊÜÓ°Ïì²úÆ·°æ±¾

CVE-2020-1464

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1709 for 32-bit Systems

Windows 10 Version 1709 for ARM64-based Systems

Windows 10 Version 1709 for x64-based Systems

Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for ARM64-based Systems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1903 for 32-bit Systems

Windows 10 Version 1903 for ARM64-based Systems

Windows 10 Version 1903 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 Version 2004 for 32-bit Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for x64-based Systems

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows 8.1 for 32-bit systems

Windows 8.1 for x64-based systems

Windows RT 8.1

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server, version 1903 (Server Core installation)

Windows Server, version 1909 (Server Core installation)

Windows Server, version 2004 (Server Core installation)

CVE-2020-1380

Internet Explorer 11

CVE-2020-1472

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server, version 1903 (Server Core installation)

Windows Server, version 1909 (Server Core installation)

Windows Server, version 2004 (Server Core installation)

CVE-2020-1585

Windows 10 Version 1709 for 32-bit Systems

Windows 10 Version 1709 for ARM64-based Systems

Windows 10 Version 1709 for x64-based Systems

Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for ARM64-based Systems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1903 for 32-bit Systems

Windows 10 Version 1903 for ARM64-based Systems

Windows 10 Version 1903 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 Version 2004 for 32-bit Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for x64-based Systems

CVE-2020-1568

Microsoft Edge (EdgeHTML-based)

CVE-2020-1567

CVE-2020-1570

Internet Explorer 11

Internet Explorer 9

CVE-2020-1480

Windows 10 Version 1709 for 32-bit Systems

Windows 10 Version 1709 for ARM64-based Systems

Windows 10 Version 1709 for x64-based Systems

Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for ARM64-based Systems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1903 for 32-bit Systems

Windows 10 Version 1903 for ARM64-based Systems

Windows 10 Version 1903 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 Version 2004 for 32-bit Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for x64-based Systems

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server, version 1903 (Server Core installation)

Windows Server, version 1909 (Server Core installation)

Windows Server, version 2004 (Server Core installation)

CVE-2020-1529

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1709 for 32-bit Systems

Windows 10 Version 1709 for ARM64-based Systems

Windows 10 Version 1709 for x64-based Systems

Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for ARM64-based Systems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1903 for 32-bit Systems

Windows 10 Version 1903 for ARM64-based Systems

Windows 10 Version 1903 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 Version 2004 for 32-bit Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for x64-based Systems

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows 8.1 for 32-bit systems

Windows 8.1 for x64-based systems

Windows RT 8.1

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server, version 1903 (Server Core installation)

Windows Server, version 1909 (Server Core installation)

Windows Server, version 2004 (Server Core installation)


0x03 ´¦Öóͷ£½¨Òé


΢Èí¹Ù·½ÒѾ­Ðû²¼²¹¶¡£¡£¡£¡£¡£¬ £¬£¬£¬ÏÂÔØÁ´½Ó£º

https://portal.msrc.microsoft.com/en-us/security-guidance


0x04 Ïà¹ØÐÂÎÅ


https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2020-patch-tuesday-fixes-2-zero-days-120-flaws/


0x05 ²Î¿¼Á´½Ó


https://portal.msrc.microsoft.com/en-us/security-guidance


0x06 ʱ¼äÏß


2020-08-11 ΢Èí¹Ù·½Ðû²¼Îó²î

2020-08-12 VSRCÐû²¼Îó²îͨ¸æ

¼øºÚµ£±£Íø(jhdbw)¡¤×î¾ßȨÍþΨһάȨµ£±£Æ½Ì¨