¡¾Îó²îͨ¸æ¡¿Windows MSHTML PlatformÇå¾²¹¦Ð§ÈƹýÎó²î£¨CVE-2023-29324£©
Ðû²¼Ê±¼ä 2023-05-12Ò»¡¢Îó²î¸ÅÊö
CVE ID | CVE-2023-29324 | ·¢Ã÷ʱ¼ä | 2023-05-10 |
Àà ÐÍ | Çå¾²¹¦Ð§Èƹý | µÈ ¼¶ | ¸ßΣ |
¹¥»÷ÏòÁ¿ | ÍøÂç | ËùÐèȨÏÞ | ÎÞ |
¹¥»÷ÖØÆ¯ºó | µÍ | Óû§½»»¥ | ÎÞ |
PoC/EXP | δ¹ûÕæ | ÔÚҰʹÓà | ·ñ |
Trident£¨ÓÖ³ÆMSHTML£©ÊÇ΢Èí¹«Ë¾ÎªMicrosoft Windows°æ±¾µÄInternet Explorer¿ª·¢µÄרÓÐä¯ÀÀÆ÷ÒýÇæ¡£¡£¡£
5ÔÂ11ÈÕ£¬£¬£¬£¬£¬¼øºÚµ£±£ÍøVSRC¼à²âµ½Windows MSHTMLƽ̨Çå¾²¹¦Ð§ÈƹýÎó²î£¨CVE-2023-29324£©µÄÎó²îϸ½ÚÔÚ»¥ÁªÍøÉϹûÕæ¡£¡£¡£¸ÃÎó²îµÄCVSSÆÀ·ÖΪ6.5£¬£¬£¬£¬£¬Î¢ÈíÒÑÔÚ5ÔÂ9ÈÕÐû²¼µÄ²¹¶¡ÖÐÐÞ¸´Á˸ÃÎó²î¡£¡£¡£
¸ÃÎó²îΪ΢Èí3Ô²¹¶¡ÈÕÖÐÐÞ¸´µÄMicrosoft OutlookȨÏÞÌáÉýÎó²î£¨CVE-2023-23397£©µÄ²¹¶¡Èƹý£¬£¬£¬£¬£¬¸ÃÎó²îÔ´ÓÚWindows Öз¾¶µÄÖØ´ó´¦Öóͷ££¬£¬£¬£¬£¬Î´¾Éí·ÝÑéÖ¤µÄÍþвÕß¿ÉÒÔʹÓøÃÎó²îÇ¿ÖÆOutlook ¿Í»§¶ËÅþÁ¬µ½ÍþвÕß¿ØÖƵÄЧÀÍÆ÷£¬£¬£¬£¬£¬¿ÉÄܵ¼Ö NTLM ƾ֤й¶¡£¡£¡£
¶þ¡¢Ó°Ïì¹æÄ£
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Èý¡¢Çå¾²²½·¥
3.1 Éý¼¶°æ±¾
΢ÈíÒѾÐû²¼ÁËCVE-2023-23397 ºÍ CVE-2023-29324µÄÇå¾²¸üУ¬£¬£¬£¬£¬ÊÜÓ°ÏìÓû§Ðè×°ÖÃÕâÁ½¸öÎó²îµÄ²¹¶¡²Å»ªÊܵ½ÖÜÈ«±£»£»£»£»£»¤£¬£¬£¬£¬£¬Î¢Èí½¨Òé×°ÖýöÇå¾²¸üеÄÓû§×°ÖÃÕë¶Ô¸ÃÎó²îµÄIEÀÛ»ý¸üУ¬£¬£¬£¬£¬ÒÔÐÞ¸´MSHTMLƽ̨ºÍ¾ç±¾ÒýÇæÖеÄÎó²î¡£¡£¡£
ÏÂÔØÁ´½Ó£º
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29324
3.2 ÔÝʱ²½·¥
ÔÝÎÞ¡£¡£¡£
3.3 ͨÓý¨Òé
l °´ÆÚ¸üÐÂϵͳ²¹¶¡£¡£¡£¬£¬£¬£¬£¬ïÔÌϵͳÎó²î£¬£¬£¬£¬£¬ÌáÉýЧÀÍÆ÷µÄÇå¾²ÐÔ¡£¡£¡£
l ÔöǿϵͳºÍÍøÂçµÄ»á¼û¿ØÖÆ£¬£¬£¬£¬£¬Ð޸ķÀ»ðǽսÂÔ£¬£¬£¬£¬£¬¹Ø±Õ·ÇÐëÒªµÄÓ¦Óö˿ڻòЧÀÍ£¬£¬£¬£¬£¬ïÔ̽«Î£ÏÕЧÀÍ£¨ÈçSSH¡¢RDPµÈ£©Ì»Â¶µ½¹«Íø£¬£¬£¬£¬£¬ïÔ̹¥»÷Ãæ¡£¡£¡£
l ʹÓÃÆóÒµ¼¶Çå¾²²úÆ·£¬£¬£¬£¬£¬ÌáÉýÆóÒµµÄÍøÂçÇå¾²ÐÔÄÜ¡£¡£¡£
l ÔöǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬£¬£¬£¬£¬ÆôÓöàÒòËØÈÏÖ¤»úÖÆºÍ×îСȨÏÞÔÔò£¬£¬£¬£¬£¬Óû§ºÍÈí¼þȨÏÞÓ¦¼á³ÖÔÚ×îµÍÏÞ¶È¡£¡£¡£
l ÆôÓÃÇ¿ÃÜÂëÕ½ÂÔ²¢ÉèÖÃΪ°´ÆÚÐ޸ġ£¡£¡£
3.4 ²Î¿¼Á´½Ó
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29324
https://www.akamai.com/blog/security-research/important-outlook-vulnerability-bypass-windows-api
https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-bypass-for-recently-fixed-outlook-zero-click-bug/
ËÄ¡¢°æ±¾ÐÅÏ¢
°æ±¾ | ÈÕÆÚ | ±¸×¢ |
V1.0 | 2023-05-12 | Ê×´ÎÐû²¼ |
Îå¡¢¸½Â¼
5.1 ¼øºÚµ£±£Íø¼ò½é
¼øºÚµ£±£Íø½¨ÉèÓÚ1996Ä꣬£¬£¬£¬£¬ÊÇÓÉÁôÃÀ²©Ê¿ÑÏÍû¼ÑŮʿ½¨ÉèµÄ¡¢ÓµÓÐÍêÈ«×ÔÖ÷֪ʶ²úȨµÄÐÅÏ¢Çå¾²¸ß¿Æ¼¼ÆóÒµ¡£¡£¡£ÊǺ£ÄÚ×î¾ßʵÁ¦µÄÐÅÏ¢Çå¾²²úÆ·¡¢Ç徲ЧÀͽâ¾ö¼Æ»®µÄÁ캽ÆóÒµÖ®Ò»¡£¡£¡£
¹«Ë¾×ܲ¿Î»ÓÚ±±¾©ÊÐÖйشåÈí¼þÔ°¼øºÚµ£±£Íø´óÏ㬣¬£¬£¬£¬¹«Ë¾Ô±¹¤6000ÓàÈË£¬£¬£¬£¬£¬Ñз¢ÍŶÓ1200ÓàÈË, ÊÖÒÕЧÀÍÍŶÓ1300ÓàÈË¡£¡£¡£ÔÚÌìϸ÷Ê¡¡¢ÊС¢×ÔÖÎÇøÉèÁ¢·ÖÖ§»ú¹¹ÁùÊ®¶à¸ö£¬£¬£¬£¬£¬ÓµÓÐÁýÕÖÌìϵÄÏúÊÛϵͳ¡¢ÇþµÀϵͳºÍÊÖÒÕÖ§³Öϵͳ¡£¡£¡£¹«Ë¾ÓÚ2010Äê6ÔÂ23ÈÕÔÚÉîÛÚÖÐС°å¹ÒÅÆÉÏÊС£¡£¡££¨¹ÉƱ´úÂ룺002439£©
¶àÄêÀ´£¬£¬£¬£¬£¬¼øºÚµ£±£ÍøÖÂÁ¦ÓÚÌṩ¾ßÓйú¼Ê¾ºÕùÁ¦µÄ×ÔÖ÷Á¢ÒìµÄÇå¾²²úÆ·ºÍ×î¼Ñʵ¼ùЧÀÍ£¬£¬£¬£¬£¬×ÊÖú¿Í»§ÖÜÈ«ÌáÉýÆäIT»ù´¡ÉèÊ©µÄÇå¾²ÐÔºÍÉú²úЧÄÜ£¬£¬£¬£¬£¬Îª´òÔìºÍÌáÉý¹ú¼Ê»¯µÄÃñ×åÐÅÏ¢Çå¾²¹¤ÒµÁì¾üÆ·ÅÆ¶ø²»Ð¸Æð¾¢¡£¡£¡£
5.2 ¹ØÓÚ¼øºÚµ£±£Íø
¼øºÚµ£±£ÍøÇå¾²Ó¦¼±ÏìÓ¦ÖÐÐÄÒÑÐû²¼1000¶à¸öÎó²îͨ¸æºÍΣº¦Ô¤¾¯£¬£¬£¬£¬£¬ÎÒÃǽ«Ò»Á¬¸ú×ÙÈ«Çò×îеÄÍøÂçÇå¾²ÊÂÎñºÍÎó²î£¬£¬£¬£¬£¬ÎªÆóÒµµÄÐÅÏ¢Çå¾²±£¼Ý»¤º½¡£¡£¡£
¹Ø×¢ÎÒÃÇ£º