Windows Advanced Local Procedure Call 權(quán)限提升漏洞
- CNNVD編號:未知
- 危害等級: 未知
- CVE編號:CVE-2022-30160
- 漏洞類型: 本地權(quán)限提升
- 威脅類型:未知
- 廠 商:未知
- 漏洞來源:深信服
- 發(fā)布時間:2022-06-24
- 更新時間:2022-06-24
漏洞簡介
2022年06月15日,深信服安全團隊監(jiān)測到 ALPC 組件存在權(quán)限提升漏洞,漏洞編號:CVE-2022-30160,漏洞威脅等級:高危。
攻擊者可利用該漏洞在獲得權(quán)限的情況下,構(gòu)造惡意程序進行權(quán)限提升攻擊,最終可獲取服務(wù)器最高權(quán)限。
漏洞公示
暫無
參考網(wǎng)站
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30160
受影響實體
以下版本的操作系統(tǒng)受漏洞影響:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server 2022 Azure Edition Core Hotpatch
Windows Server version 20H2 (Server Core Installan)
補丁
當前官方已發(fā)布受影響版本的對應(yīng)補丁,建議受影響的用戶及時更新官方的安全補丁。鏈接如下:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30160
打補丁方法:
1. 打開上述鏈接,根據(jù)系統(tǒng)版本選擇對應(yīng)的補丁包進行下載。
2. 在需要打補丁的 Windows 系統(tǒng)中運行補丁包。