一、漏洞概要

二、漏洞分析

2.1 组件介绍

Windows jscript是由微软公司开发的动态脚本语言，是微软对ECMAScript规范的实现。

2.2 漏洞描述

2022年12月9日，深信服安全团队监测到微软官方发布了一则漏洞安全通告，通告披露了Windows及Windows Server存在Windows脚本语言代码执行漏洞的信息，漏洞编号：CVE-2022-41128，漏洞威胁等级：高危。

该漏洞是由于JIT编译优化中存在的类型混淆问题，攻击者可利用该漏洞在获得权限的情况下，构造恶意数据执行远程代码攻击，最终获取服务器最高权限。

三、影响范围

目前受影响的Windows及Windows Server版本：

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 7 for x64-based Systems Service Pack 1

Windows 7 for 32-bit Systems Service Pack 1

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows Server 2012 R2

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows RT 8.1

Windows 8.1 for x64-based systems

Windows 8.1 for 32-bit systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 for ARM64-based Systems

Windows 11 for x64-based Systems

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

四、解决方案

4.1修复建议

1.官方修复建议

当前官方已发布受影响版本的对应补丁，建议受影响的用户及时更新官方的安全补丁。链接如下：

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-41128