1、产品描述（必填）：  该漏洞允许远程攻击者破坏目标系统。该漏洞是由于 Windows Mark of Web 中的安全功能绕过而存在的。远程攻击者可以诱骗受害者打开特制文件并绕过安全功能。

2、影响产品或组件及版本（必填）：  

         Windows 10 Version 22H2 for ARM64-based Systems

         Windows 10 Version 22H2 for x64-based Systems

         Windows 10 Version 22H2 for 32-bit Systems

         Windows 11 Version 22H2 for x64-based Systems

         Windows 11 Version 22H2 for ARM64-based Systems

         Windows Server 2016 (Server Core installation)

         Windows Server 2016

         Windows 10 Version 1607 for x64-based Systems

         Windows 10 Version 1607 for 32-bit Systems

        Windows 10 for x64-based Systems

        Windows 10 for 32-bit Systems

        Windows 10 Version 21H2 for x64-based Systems

        Windows 10 Version 21H2 for ARM64-based Systems

       Windows 10 Version 21H2 for 32-bit Systems

       Windows 11 for ARM64-based Systems

       Windows 11 for x64-based Systems

       Windows 10 Version 20H2 for ARM64-based Systems

       Windows 10 Version 20H2 for 32-bit Systems

       Windows 10 Version 20H2 for x64-based Systems

       Windows Server 2022 Datacenter: Azure Edition (Hotpatch)

       Windows Server 2022 (Server Core installation)

      Windows Server 2022

      Windows 10 Version 21H1 for 32-bit Systems

      Windows 10 Version 21H1 for ARM64-based Systems

      Windows 10 Version 21H1 for x64-based Systems

      Windows Server 2019 (Server Core installation)

     Windows Server 2019

     Windows 10 Version 1809 for ARM64-based Systems

     Windows 10 Version 1809 for x64-based Systems

     Windows 10 Version 1809 for 32-bit Systems

3、受影响资产情况（必填）：windows操作系统

4、受影响资产列表：

5、利用过程及结果：

6、技术细节表述（必填）：   该漏洞允许远程攻击者破坏目标系统。该漏洞是由于 Windows Mark of Web 中的安全功能绕过而存在的。远程攻击者可以诱骗受害者打开特制文件并绕过安全功能。

7、修补措施（必填）：       请用户尽快更新至最新版本，安装官方补丁。

8、检测规则：

9、漏洞来源（必填）：

       https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41049

       https://www.cisa.gov/known-exploited-vulnerabilities-catalog