1、产品描述(必填): 该漏洞允许远程攻击者破坏目标系统。该漏洞是由于 Windows Mark of Web 中的安全功能绕过而存在的。远程攻击者可以诱骗受害者打开特制文件并绕过安全功能。
2、影响产品或组件及版本(必填):
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 Datacenter: Azure Edition (Hotpatch)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
3、受影响资产情况(必填):windows操作系统
4、受影响资产列表:
5、利用过程及结果:
6、技术细节表述(必填): 该漏洞允许远程攻击者破坏目标系统。该漏洞是由于 Windows Mark of Web 中的安全功能绕过而存在的。远程攻击者可以诱骗受害者打开特制文件并绕过安全功能。
7、修补措施(必填): 请用户尽快更新至最新版本,安装官方补丁。
8、检测规则:
9、漏洞来源(必填):
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41049
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论