|
|
请企业管理员及时关注此补丁,尽快排查!
PowerShell 是一种跨平台的任务自动化解决方案,由命令行 shell、脚本语言和配置管理框架组成。PowerShell 在 Windows、Linux 和 macOS 上运行。
近日,奇安信 CERT 监测到互联网上公开 PowerShell 远程代码执行漏洞(CVE -2022-41076)技术细节及 PoC,国外厂商将此漏洞命名为“TabShell”。 经过身份认证的远程攻击者可利用此漏洞绕过 PowerShell 限制环境,在目标机器上执行任意 PowerShell 代码。目前,此漏洞技术细节、POC 及 EXP 已公开,鉴于此漏洞影响范围较大,建议尽快做好自查及防护。
一、CVE-2022-41076 PowerShell 远程代码执行漏洞详情
风险等级:严重
漏洞类型:远程代码执行
漏洞简介:由于 PowerShell 对用户提供的输入的验证不足,远程攻击者将特制数据传递给应用程序触发漏洞,在目标系统上执行任意代码。
二、受影响的系统
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 Datacenter: Azure Edition
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
PowerShell 7.2
PowerShell 7.3
奇安信天守终端安全管理系统 ,天守客户端防病毒模块可以拦截。企业管理员请关注这个补丁的安装情况,及时安装补丁修复漏洞,避免被蓄意攻击利用。
天守终端安全管理系统 天守安全软件 天守管理后台 漏洞补丁 |
|
发 帖
发表于 2023-1-13 15:20:42