3月“微软补丁日” 发布多个高危漏洞

　　近日，安全狗应急响应中心监测到微软发布了2022年3月的例行安全更新公告，共涉及漏洞数71个，包括3个0day漏洞，无严重级别漏洞，重要级别54个。本次发布涉及Azure Site Recovery、Microsoft Defender、Microsoft Office 、Visual Studio Code、Microsoft Exchange Server、Windows HTML Platform、Windows Installer、Windows Kernel、Windows Print Spooler Components、Windows Remote Desktop、Windows SMB Server和Windows Update Stack等多个软件的安全更新。

　　漏洞描述

　　在此次公告中以下漏洞需要重点关注：

　　CVE-2022-21990(远程桌面客户端远程代码执行漏洞)：漏洞CVSS评分8.8。

　　在远程桌面连接的情况下，当受害者使用易受攻击的远程桌面客户端连接到攻击服务器时，具有控制远程桌面服务器的攻击者可能会触发RDP客户端计算机上的远程代码执行(RCE)。

　　CVE-2022-23277(Microsoft Exchange Server 远程代码执行漏洞)：漏洞CVSS评分8.8。

　　利用此漏洞的攻击者可以针对服务器帐户进行任意或远程代码执行。作为经过身份验证的用户，攻击者可以尝试通过网络调用在服务器帐户的上下文中触发恶意代码。

　　CVE-2022-24508(Windows SMBv3 客户端/服务器 远程代码执行漏洞)：漏洞CVSS评分6.3

　　经过身份验证的攻击者才可以使用此漏洞针对服务器帐户进行任意或远程代码执行。该漏洞存在于 Windows 10 version 2004 中添加的新功能中，并且存在于较新的受支持 Windows 版本中。旧版本的 Windows 不受影响。建议存在该漏洞的企业在边界防火墙处阻止 TCP 端口 445或遵循 Microsoft 指南，以防 SMB 流量形成横向连接进入或离开网络。

　　漏洞名称“微软补丁日” 多个产品高危漏洞

　　漏洞影响版本(CVE-2022-21990)：

　　Windows Server 2012 R2 (Server Core installation)

　　Windows Server 2012 R2 (Server Core installation)

　　Windows Server 2012 R2

　　Windows Server 2012 R2

　　Windows Server 2012 (Server Core installation)

　　Windows Server 2012 (Server Core installation)

　　Windows Server 2012

　　Windows Server 2012

　　Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

　　Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

　　Windows Server 2008 R2 for x64-based Systems Service Pack 1

　　Windows Server 2008 R2 for x64-based Systems Service Pack 1

　　Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

　　Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

　　Windows Server 2008 for x64-based Systems Service Pack 2

　　Windows Server 2008 for x64-based Systems Service Pack 2

　　Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

　　Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

　　Windows Server 2008 for 32-bit Systems Service Pack 2

　　Windows Server 2008 for 32-bit Systems Service Pack 2

　　Windows RT 8.1

　　Windows 8.1 for x64-based systems

　　Windows 8.1 for x64-based systems

　　Windows 8.1 for 32-bit systems

　　Windows 8.1 for 32-bit systems

　　Windows 7 for x64-based Systems Service Pack 1

　　Windows 7 for x64-based Systems Service Pack 1

　　Windows 7 for 32-bit Systems Service Pack 1

　　Windows 7 for 32-bit Systems Service Pack 1

　　Windows Server 2016 (Server Core installation)

　　Windows Server 2016

　　Windows 10 Version 1607 for x64-based Systems

　　Windows 10 Version 1607 for 32-bit Systems

　　Windows 10 for x64-based Systems

　　Windows 10 for 32-bit Systems

　　Windows 10 Version 21H2 for x64-based Systems

　　Windows 10 Version 21H2 for ARM64-based Systems

　　Windows 10 Version 21H2 for 32-bit Systems

　　Windows 11 for ARM64-based Systems

　　Windows 11 for x64-based Systems

　　Windows Server, version 20H2 (Server Core Installation)

　　Windows 10 Version 20H2 for ARM64-based Systems

　　Windows 10 Version 20H2 for 32-bit Systems

　　Windows 10 Version 20H2 for x64-based Systems

　　Windows Server 2022 (Server Core installation)

　　Windows Server 2022

　　Windows 10 Version 21H1 for 32-bit Systems

　　Windows 10 Version 21H1 for ARM64-based Systems

　　Windows 10 Version 21H1 for x64-based Systems

　　Remote Desktop client for Windows Desktop

　　Windows 10 Version 1909 for ARM64-based Systems

　　Windows 10 Version 1909 for x64-based Systems

　　Windows 10 Version 1909 for 32-bit Systems

　　Windows Server 2019 (Server Core installation)

　　Windows Server 2019

　　Windows 10 Version 1809 for ARM64-based Systems

　　Windows 10 Version 1809 for x64-based Systems

　　Windows 10 Version 1809 for 32-bit Systems

　　CVE-2022-23277：

　　Microsoft Exchange Server 2019 Cumulative Update 11

　　Microsoft Exchange Server 2016 Cumulative Update 22

　　Microsoft Exchange Server 2019 Cumulative Update 10

　　Microsoft Exchange Server 2016 Cumulative Update 21

　　Microsoft Exchange Server 2013 Cumulative Update 23

　　CVE-2022-24508：

　　Windows 10 Version 21H2 for ARM64-based Systems

　　Windows 10 Version 21H2 for 32-bit Systems

　　Windows 11 for ARM64-based Systems

　　Windows 11 for x64-based Systems

　　Windows Server, version 20H2 (Server Core Installation)

　　Windows 10 Version 20H2 for ARM64-based Systems

　　Windows 10 Version 20H2 for 32-bit Systems

　　Windows 10 Version 20H2 for x64-based Systems

　　Windows 10 Version 21H2 for x64-based Systems

　　Windows Server 2022 Azure Edition Core Hotpatch

　　Windows Server 2022 (Server Core installation)

　　Windows Server 2022

　　Windows 10 Version 21H1 for 32-bit Systems

　　Windows 10 Version 21H1 for ARM64-based Systems

　　Windows 10 Version 21H1 for x64-based Systems

　　漏洞危害等级：高危

　　厂商是否已发布漏洞补丁：是

　　版本更新地址：https://msrc.microsoft.com/update-guide/releaseNote/2022-Mar

　　处置措施

　　微软官方已发布漏洞修复更新，安全狗建议您：

　　1)更新系统补丁：确保服务器打上了所需的补丁，打开Windows Update更新功能或下载修复补丁，点击“检查更新”。

　　2)不要打开来历不明的文件或者链接：避免被攻击者利用在机器上执行恶意代码。

　　【备注】：建议您在升级前做好数据备份工作，避免出现意外