微软2024-09补丁日安全通告
2024年9月11日(北京时间),微软发布了2024 年 9月安全更新,共发布了79个CVE的补丁程序,同比上月减少了23个。
在漏洞安全等级方面,存在7个标记等级为“Critical”的漏洞,71个漏洞被标记为“Important/High”等级的漏洞;在漏洞类型方面,主要有23个远程代码执行漏洞,30个权限提升漏洞以及11个信息泄露漏洞。
漏洞分析
2024年漏洞数量趋势
总体上来看,微软本月发布的补丁数量为79个,有7个 Critical 漏洞补丁。
千里目安全技术中心在综合考虑往年微软公布漏洞数量的数据统计和今年的特殊情况,初步估计微软在今年十月份公布的漏洞数将比今年九月份多。漏洞数量将会维持在90个左右。
历史微软补丁日9月漏洞对比
2021-2024年,9月份的漏洞数趋势如下图:
2021-2024年,9月份的漏洞危险等级趋势和数量如下图:
2021-2024年,9月份的漏洞各个类型数量对比如下图:
图 4 微软近年9月漏洞类型对比
数据来源:根据微软官方安全更新通告中的数据统计
从漏洞数量来看,今年相较去年增多。微软在2024年9月份爆发的漏洞相较于去年减少。本月出现了79个漏洞补丁,并且有7个 Critical 类型的漏洞补丁。
从漏洞的危险等级来看,相较去年“Critical”等级的漏洞数量减少,“Important/High”等级的漏洞数量增多。本月出现了7个“Critical”等级的漏洞,相较去年增加了40%;本月出现了71个“Important/High”等级的漏洞,相较去年增多了约20%。
从漏洞类型来看,RCE类型的漏洞数量增多,DoS类型的漏洞数量减少,EoP类型的漏洞数量减少,仍然需要引起高度重视,尤其是RCE漏洞在配合社工手段的前提下,甚至可以直接接管整个局域网并进行进一步扩展攻击。
重要漏洞分析
漏洞分析
Microsoft Windows 更新远程代码执行漏洞 CVE-2024-43491
Windows Update是一个适用于Windows系列操作系统的Microsoft服务,可自动从互联网下载和安装Microsoft Windows软件更新。该服务可以提供Windows的软件更新和各种微软杀毒软件的更新,包括Windows Defender和Microsoft Security Essentials。
其中存在远程执行代码漏洞,攻击者可以利用该漏洞在目标系统执行任意代码。该漏洞存在在野利用,经过评估,危害比较大,我们建议用户及时更新微软安全补丁。
Windows Web 查询标记安全功能绕过漏洞 CVE-2024-38217
Web 查询标记 (MoTW) 是 Microsoft Windows 使用于将从互联网下载的文件标记为潜在不安全的文件的功能。
其中存在安全功能绕过漏洞,攻击者可以利用该漏洞在绕过目标系统上的安全功能,做出规定之外的行为。漏洞存在在野利用,经过评估,危害比较大,我们建议用户及时更新微软安全补丁。
Microsoft Publisher 安全功能绕过漏洞 CVE-2024-38226
Microsoft Publisher 是微软推出的一款桌面出版应用程序,与 Microsoft Word 的不同之处在于它更注重页面布局和图形设计,而不是文本编写和校对。
其中存在安全功能绕过漏洞,攻击者可以利用该漏洞在绕过目标系统上的安全功能,做出规定之外的行为。漏洞存在在野利用,经过评估,危害比较大,我们建议用户及时更新微软安全补丁
Windows Installer 特权提升漏洞 CVE-2024-38014
Windows Installer 是 Microsoft Windows用于软件的安装、维护和删除的编程接口。
其中存在特权提升漏洞,攻击者可以利用该漏洞在目标系统获取更高的权限。漏洞存在在野利用,该漏洞经过评估,危害比较大,我们建议用户及时更新微软安全补丁。
影响范围
漏洞名称、CVE编号 | 受影响版本 |
Microsoft Windows 更新远程代码执行漏洞 CVE-2024-43491 | Windows 10 for x64-based Systems Windows 10 for 32-bit Systems |
Windows Web 查询标记安全功能绕过漏洞 CVE-2024-38217 | Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 11 Version 24H2 for x64-based Systems Windows 11 Version 24H2 for ARM64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
Microsoft Publisher 安全功能绕过漏洞 CVE-2024-38226 | Microsoft Publisher 2016 (64-bit edition) Microsoft Publisher 2016 (32-bit edition) Microsoft Office LTSC 2021 for 32-bit editions Microsoft Office LTSC 2021 for 64-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for 32-bit editions |
Windows Installer 特权提升漏洞 CVE-2024-38014 | Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 11 Version 24H2 for x64-based Systems Windows 11 Version 24H2 for ARM64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems |
解决方案
官方修复建议
微软官方已更新受影响软件的安全补丁,用户可根据不同系统版本下载安装对应的安全补丁,安全更新链接如下:
1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43491
2. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38217
3. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38226
4. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38014
参考链接
https://msrc.microsoft.com/update-guide/releaseNote/2024-Sep
时间轴
2024/9/11
微软例行补丁日,微软官网发布漏洞安全公告。
2024/9/12
深信服千里目安全技术中心发布安全通告。
点击阅读原文,及时关注并登录深信服智安全平台,可轻松查询漏洞相关解决方案。