Microsoft 2Ô¶à¸öÇå¾²Îó²î

Ðû²¼Ê±¼ä 2021-02-10

0x00 Îó²î¸ÅÊö

2021Äê02ÔÂ09ÈÕÐÇÆÚ¶þ£¬£¬£¬£¬£¬£¬MicrosoftÐû²¼ÁË2Ô·ݵÄÇå¾²¸üС£¡£¡£¡£¡£¡£±¾´ÎÐû²¼µÄÇå¾²¸üй²ÐÞ¸´ÁË56¸öÎó²î£¬£¬£¬£¬£¬£¬ÆäÖÐ11¸öÆÀ¼¶ÎªÑÏÖØ£¬£¬£¬£¬£¬£¬43¸öÆÀ¼¶Îª¸ßΣ£¬£¬£¬£¬£¬£¬2¸öÆÀ¼¶ÎªÖÐΣ¡£¡£¡£¡£¡£¡£

 

0x01 Îó²îÏêÇé

image.png

Microsoft±¾´ÎÐû²¼µÄÇå¾²¸üÐÂÐÞ¸´ÁËWindows Win32kȨÏÞÌáÉý0 dayÎó²î£¨CVE-2021-1732£©¡¢6¸öÒÔÇ°Åû¶µÄÎó²î£¨CVE-2021-1721¡¢CVE-2021-1727¡¢CVE-2021-1733¡¢CVE-2021-24098¡¢CVE-2021-24106ºÍCVE-2021-26701£©ÒÔ¼°¿ÉÒý·¢¹©Ó¦Á´¹¥»÷µÄ³ÌÐò°ü¹ÜÀíÆ÷ÉèÖÃÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2021-24105£©£¬£¬£¬£¬£¬£¬¸ÃÎó²î½«Ó°ÏìMicrosoft¡¢Apple¡¢ PayPal¡¢Shopify¡¢Netflix¡¢Tesla¡¢Yelp¡¢TeslaºÍUberµÈ¶à¸ö¹«Ë¾¡£¡£¡£¡£¡£¡£

ÔÚ±¾´ÎÐÞ¸´µÄÎó²îÖУ¬£¬£¬£¬£¬£¬ÖµµÃ×¢ÖصÄÊÇWindows TCP/IPÖеÄ2¸öRCEÎó²î£¨CVE-2021-24074ºÍCVE-2021-24094£¬£¬£¬£¬£¬£¬ÆäCVSSÆÀ·Ö¾ùΪ9.8£©ºÍ1¸ö¾Ü¾øЧÀÍÎó²î£¨CVE-2021-24086£¬£¬£¬£¬£¬£¬ÆäCVSSÆÀ·Ö7.5£©£¬£¬£¬£¬£¬£¬¹¥»÷Õß¿ÉÒÔͨ¹ý½á¹¹¶ñÒâIPÊý¾Ý°üÀ´´¥·¢ÕâЩÎó²î£¬£¬£¬£¬£¬£¬×îÖÕÔÚÄ¿µÄÖ÷»ú»òЧÀÍÆ÷ÉÏÖ´ÐÐí§Òâ´úÂë»òµ¼ÖÂÀ¶ÆÁ¡£¡£¡£¡£¡£¡£MicrosoftÇå¾²ÏìÓ¦ÖÐÐÄMSRCÌåÏÖ£¬£¬£¬£¬£¬£¬Õâ3¸öÎó²î»áÓ°ÏìËùÓеÄWindowsϵͳ£¬£¬£¬£¬£¬£¬µ«ÓÉÓÚRCEÎó²îʹÓýÏΪÖش󣬣¬£¬£¬£¬£¬Òò´Ë¶ÌÆÚÄÚ²»Ì«¿ÉÄܱ»Ê¹Ó㬣¬£¬£¬£¬£¬µ«¹¥»÷ÕߺÜÈÝÒ×ÌᳫDos¹¥»÷¡£¡£¡£¡£¡£¡£ÏÖÔÚÕâЩÎó²îÒѾ­ÐÞ¸´£¬£¬£¬£¬£¬£¬½¨Ò龡¿ìÓ¦ÓÃWindows¸üС£¡£¡£¡£¡£¡£

ÍêÕûÎó²îÁбíÈçÏ£º

²úÆ·/×é¼þ

CVE ID

CVEÎÊÌâ

ÑÏÖØˮƽ

.NET   Core

CVE-2021-26701

.NET   CoreÔ¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

.NET   Core

CVE-2021-24112

.NET   CoreÔ¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

.NET   Core & Visual Studio

CVE-2021-1721

.NET   CoreºÍVisual Studio¾Ü¾øЧÀÍÎó²î

¸ßΣ

.NET   Framework

CVE-2021-24111

.NET   Framework¾Ü¾øЧÀÍÎó²î

¸ßΣ

Azure   IoT

CVE-2021-24087

Azure   IoT CLIÀ©Õ¹È¨ÏÞÌáÉýÎó²î

¸ßΣ

Developer   Tools

CVE-2021-24105

³ÌÐò°ü¹ÜÀíÆ÷ÉèÖÃÔ¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

Microsoft   Azure Kubernetes Service

CVE-2021-24109

Microsoft   Azure KubernetesЧÀÍȨÏÞÌáÉýÎó²î

ÖÐΣ

Microsoft   Dynamics

CVE-2021-24101

Microsoft   DataverseÐÅϢй¶Îó²î

¸ßΣ

Microsoft   Dynamics

CVE-2021-1724

Microsoft   Dynamics Business Central¿çÕ¾µã¾ç±¾Îó²î

¸ßΣ

Microsoft   Edge for Android

CVE-2021-24100

Microsoft   Edge for AndroidÐÅϢй¶Îó²î

¸ßΣ

Microsoft   Exchange Server

CVE-2021-24085

Microsoft   Exchange ServerÓÕÆ­Îó²î

¸ßΣ

Microsoft   Exchange Server

CVE-2021-1730

Microsoft   Exchange ServerÓÕÆ­Îó²î

¸ßΣ

Microsoft   Graphics Component

CVE-2021-24093

WindowsͼÐÎ×é¼þÔ¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

Microsoft   Office Excel

CVE-2021-24067

Microsoft   ExcelÔ¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

Microsoft   Office Excel

CVE-2021-24068

Microsoft   ExcelÔ¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

Microsoft   Office Excel

CVE-2021-24069

Microsoft   ExcelÔ¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

Microsoft   Office Excel

CVE-2021-24070

Microsoft   ExcelÔ¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

Microsoft   Office SharePoint

CVE-2021-24071

Microsoft   SharePointÐÅϢй¶Îó²î

¸ßΣ

Microsoft   Office SharePoint

CVE-2021-1726

Microsoft   SharePointÓÕÆ­Îó²î

¸ßΣ

Microsoft   Office SharePoint

CVE-2021-24066

Microsoft   SharePointÔ¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

Microsoft   Office SharePoint

CVE-2021-24072

Microsoft   SharePoint ServerÔ¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

Microsoft   Teams

CVE-2021-24114

Microsoft   Teams iOSÐÅϢй¶Îó²î

¸ßΣ

Microsoft   Windows Codecs Library

CVE-2021-24081

Microsoft   Windows±à½âÂëÆ÷¿âÔ¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

Microsoft   Windows Codecs Library

CVE-2021-24091

Windows   Camera Codec PackÔ¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

Role:   DNS Server

CVE-2021-24078

Windows   DNSЧÀÍÆ÷Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

Role:   Hyper-V

CVE-2021-24076

Microsoft   Windows VMSwitchÐÅϢй¶Îó²î

¸ßΣ

Role:   Windows Fax Service

CVE-2021-24077

Windows´«ÕæЧÀÍÔ¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

Role:   Windows Fax Service

CVE-2021-1722

Windows´«ÕæЧÀÍÔ¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

Skype   for Business

CVE-2021-24073

Skype   for BusinessºÍLyncÓÕÆ­Îó²î

¸ßΣ

Skype   for Business

CVE-2021-24099

Skype   for BusinessºÍLync¾Ü¾øЧÀÍÎó²î

¸ßΣ

SysInternals

CVE-2021-1733

Sysinternals   PsExecȨÏÞÌáÉýÎó²î

¸ßΣ

System   Center

CVE-2021-1728

System   Center Operations ManagerȨÏÞÌáÉýÎó²î

¸ßΣ

Visual   Studio

CVE-2021-1639

Visual   Studio´úÂëÔ¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

Visual   Studio Code

CVE-2021-26700

Visual   Studio Code npm-script ExtensionÔ¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

Windows   Address Book

CVE-2021-24083

WindowsͨѶ²¾Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

Windows   Backup Engine

CVE-2021-24079

Windows±¸·ÝÒýÇæÐÅϢй¶Îó²î

¸ßΣ

Windows   Console Driver

CVE-2021-24098

Windows¿ØÖÆ̨Çý¶¯³ÌÐò¾Ü¾øЧÀÍÎó²î

¸ßΣ

Windows   Defender

CVE-2021-24092

Microsoft   DefenderȨÏÞÌáÉýÎó²î

¸ßΣ

Windows   DirectX

CVE-2021-24106

Windows   DirectXÐÅϢй¶Îó²î

¸ßΣ

Windows   Event Tracing

CVE-2021-24102

WindowsÊÂÎñ¸ú×ÙȨÏÞÌáÉýÎó²î

¸ßΣ

Windows   Event Tracing

CVE-2021-24103

WindowsÊÂÎñ¸ú×ÙȨÏÞÌáÉýÎó²î

¸ßΣ

Windows   Installer

CVE-2021-1727

Windows   InstallerȨÏÞÌáÉýÎó²î

¸ßΣ

Windows   Kernel

CVE-2021-24096

WindowsÄÚºËȨÏÞÌáÉýÎó²î

¸ßΣ

Windows   Kernel

CVE-2021-1732

Windows   Win32kȨÏÞÌáÉýÎó²î

¸ßΣ

Windows   Kernel

CVE-2021-1698

Windows   Win32kȨÏÞÌáÉýÎó²î

¸ßΣ

Windows   Mobile Device Management

CVE-2021-24084

Windows   Mobile×°±¸ÖÎÀíÐÅϢй¶Îó²î

¸ßΣ

Windows   Network File System

CVE-2021-24075

WindowsÍøÂçÎļþϵͳ¾Ü¾øЧÀÍÎó²î

¸ßΣ

Windows   PFX Encryption

CVE-2021-1731

PFX¼ÓÃÜÇå¾²¹¦Ð§ÈƹýÎó²î

¸ßΣ

Windows   PKU2U

CVE-2021-25195

Windows   PKU2UȨÏÞÌáÉýÎó²î

¸ßΣ

Windows   PowerShell

CVE-2021-24082

Microsoft.PowerShell.UtilityÄ£¿£¿£¿£¿£¿£¿éWDACÇå¾²¹¦Ð§ÈƹýÎó²î

¸ßΣ

Windows   Print Spooler Components

CVE-2021-24088

WindowsÍâµØºǫ́´¦Öóͷ£³ÌÐòÔ¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

Windows   Remote Procedure Call

CVE-2021-1734

WindowsÔ¶³ÌÀú³ÌŲÓÃÐÅϢй¶Îó²î

¸ßΣ

Windows   TCP/IP

CVE-2021-24086

Windows   TCP/IP¾Ü¾øЧÀÍÎó²î

¸ßΣ

Windows   TCP/IP

CVE-2021-24074

Windows   TCP/IPÔ¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

Windows   TCP/IP

CVE-2021-24094

Windows   TCP/IPÔ¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

Windows   Trust Verification API

CVE-2021-24080

WindowsÐÅÈÎÑéÖ¤API¾Ü¾øЧÀÍÎó²î

ÖÐΣ

 

0x02 ´¦Öóͷ£½¨Òé

ÏÖÔÚMicrosoftÒÑÐû²¼Çå¾²¸üУ¬£¬£¬£¬£¬£¬½¨ÒéʵʱװÖÃÏà¹Ø²¹¶¡¡£¡£¡£¡£¡£¡£

£¨Ò»£© Windows update¸üÐÂ

×Ô¶¯¸üУº

Microsoft UpdateĬÈÏÆôÓ㬣¬£¬£¬£¬£¬µ±ÏµÍ³¼ì²âµ½¿ÉÓøüÐÂʱ£¬£¬£¬£¬£¬£¬½«»á×Ô¶¯ÏÂÔظüв¢ÔÚÏÂÒ»´ÎÆô¶¯Ê±×°Öᣡ£¡£¡£¡£¡£

ÊÖ¶¯¸üУº

1¡¢µã»÷¡°×îÏȲ˵¥¡±»ò°´Windows¿ì½Ý¼ü£¬£¬£¬£¬£¬£¬µã»÷½øÈë¡°ÉèÖá±

2¡¢Ñ¡Ôñ¡°¸üкÍÇå¾²¡±£¬£¬£¬£¬£¬£¬½øÈë¡°Windows¸üС±£¨Windows 8¡¢Windows 8.1¡¢Windows Server 2012ÒÔ¼°Windows Server 2012 R2¿Éͨ¹ý¿ØÖÆÃæ°å½øÈë¡°Windows¸üС±£¬£¬£¬£¬£¬£¬Ïêϸ°ì·¨Îª¡°¿ØÖÆÃæ°å¡±->¡°ÏµÍ³ºÍÇå¾²¡±->¡°Windows¸üС±£©

3¡¢Ñ¡Ôñ¡°¼ì²é¸üС±£¬£¬£¬£¬£¬£¬ÆÚ´ýϵͳ½«×Ô¶¯¼ì²é²¢ÏÂÔØ¿ÉÓøüС£¡£¡£¡£¡£¡£

4¡¢ÖØÆôÅÌËã»ú£¬£¬£¬£¬£¬£¬×°ÖøüÐÂϵͳÖØÐÂÆô¶¯ºó£¬£¬£¬£¬£¬£¬¿Éͨ¹ý½øÈë¡°Windows¸üС±->¡°Éó²é¸üÐÂÀúÊ·¼Í¼¡±Éó²éÊÇ·ñÀÖ³É×°ÖÃÁ˸üС£¡£¡£¡£¡£¡£¹ØÓÚûÓÐÀÖ³É×°ÖõĸüУ¬£¬£¬£¬£¬£¬¿ÉÒÔµã»÷¸Ã¸üÐÂÃû³Æ½øÈëMicrosoft¹Ù·½¸üÐÂÐÎòÁ´½Ó£¬£¬£¬£¬£¬£¬µã»÷×îеÄSSUÃû³Æ²¢ÔÚÐÂÁ´½ÓÖеã»÷¡°Microsoft ¸üÐÂĿ¼¡±£¬£¬£¬£¬£¬£¬È»ºóÔÚÐÂÁ´½ÓÖÐÑ¡ÔñÊÊÓÃÓÚÄ¿µÄϵͳµÄ²¹¶¡¾ÙÐÐÏÂÔز¢×°Öᣡ£¡£¡£¡£¡£

 

£¨¶þ£© ÊÖ¶¯×°ÖøüÐÂ

Microsoft¹Ù·½ÏÂÔØÏìÓ¦²¹¶¡¾ÙÐиüС£¡£¡£¡£¡£¡£

ÏÂÔØÁ´½Ó£º

https://msrc.microsoft.com/update-guide


»º½â²½·¥

Õë¶ÔCVE-2021-24074£º

1.¿ÉÒÔͨ¹ýʹÓÃÏÂÁÖÎÀíԱȨÏÞ£©½«sourceroutingbehavior ÉèÖÃΪ

"drop"£º

netsh int ipv4 set global sourceroutingbehavior=drop

¿ÉʹÓÃÒÔÏÂÏÂÁî»Ö¸´Ä¬ÈÏÉèÖãº

netsh int ipv4 set global sourceroutingbehavior=dontforward

2.ÉèÖ÷À»ðǽ»ò¸ºÔØƽºâÆ÷ÒÔեȡԴ·ÓÉÇëÇ󡣡£¡£¡£¡£¡£

 

Õë¶ÔCVE-2021-24094ºÍCVE-2021-24086£º

1.¿Éͨ¹ýÒÔÏÂÏÂÁÖÎÀíԱȨÏÞ£©½«global reassemblylimit ÉèÖÃΪ0£º

Netsh int ipv6 set global reassemblylimit=0

×¢ÖØ£¬£¬£¬£¬£¬£¬¸ÃÏÂÁ½ûÓÃÊý¾Ý°üÖØ×飬£¬£¬£¬£¬£¬ÂÒÐòÊý¾Ý°ü½«»á±»ÑïÆú£¬£¬£¬£¬£¬£¬½¨ÒéÔÚ²âÊÔÖ®ºóÔÙ¸üÐÂÉú²úϵͳ¡£¡£¡£¡£¡£¡£

¿ÉʹÓÃÒÔÏÂÏÂÁî»Ö¸´Ä¬ÈÏÉèÖãº

Netsh int ipv6 set global reassemblylimit=267748640

2.ÉèÖ÷À»ðǽ»ò¸ºÔØƽºâÆ÷ÒÔեȡIPv6 UDP·Ö¶Î¡£¡£¡£¡£¡£¡£


0x03 ²Î¿¼Á´½Ó

https://msrc.microsoft.com/update-guide/releaseNote/2021-Feb

https://msrc-blog.microsoft.com/2021/02/09/multiple-security-updates-affecting-tcp-ip/

https://www.bleepingcomputer.com/news/security/microsoft-february-2021-patch-tuesday-fixes-56-flaws-1-zero-day/

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24094

 

0x04 ʱ¼äÏß

2021-02-09  MicrosoftÐû²¼Çå¾²¸üÐÂ

2021-02-10  VSRCÐû²¼Ç徲ͨ¸æ

 

0x05 ¸½Â¼

 

CVSSÆÀ·Ö±ê×¼¹ÙÍø£ºhttp://www.first.org/cvss/

image.png