¡¾Îó²îͨ¸æ¡¿Windows Defender Credential Guard ȨÏÞÌáÉýÎó²î£¨CVE-2022-34711£©

Ðû²¼Ê±¼ä 2022-08-17


0x00 Îó²î¸ÅÊö

CVE   ID

CVE-2022-34711

·¢Ã÷ʱ¼ä

2022-08-16

Àà    ÐÍ

EOP

µÈ    ¼¶

¸ßΣ

Ô¶³ÌʹÓÃ

·ñ

Ó°Ïì¹æÄ£


¹¥»÷ÖØƯºó

µÍ

Óû§½»»¥

ÎÞ

PoC/EXP


ÔÚҰʹÓÃ


 

0x01 Îó²îÏêÇé

Windows Defender Credential Guard ʹÓÃÐéÄ⻯½«Æ¾Ö¤´æ´¢ÔÚÓë²Ù×÷ϵͳÍÑÀëµÄÊܱ£»¤ÈÝÆ÷ÖУ¬ÒÔ±£»¤ÐÅÏ¢Çå¾² ¡£

8ÔÂ15ÈÕ£¬Î¢ÈíÐû²¼Ç徲ͨ¸æ£¬¹ûÕæÁËWindows Defender Credential GuardÖеÄ2¸öÇå¾²Îó²î£¬ÏêÇéÈçÏ£º

CVE-2022-34711£ºWindows Defender Credential Guard ȨÏÞÌáÉýÎó²î

Windows Defender Credential GuardÖб£´æȨÏÞÌáÉýÎó²î£¬ÆäCVSSÆÀ·ÖΪ7.8£¬ÀÖ³ÉʹÓøÃÎó²î¿ÉÒÔ»ñµÃSYSTEMȨÏÞ ¡£ÏÖÔÚ¸ÃÎó²îÔÝδ±»¹ûÕæÅû¶ºÍʹÓã¬Î¢ÈíµÄ¿ÉʹÓÃÐÔÆÀ¹ÀΪ¡°Ê¹ÓõĿÉÄÜÐÔ½ÏС¡± ¡£

CVE-2022-35822£ºWindows Defender Credential Guard Çå¾²¹¦Ð§ÈƹýÎó²î

Windows Defender Credential Guard Öб£´æÇå¾²ÈƹýÎó²î£¬ÆäCVSSÆÀ·ÖΪ7.1£¬ÀÖ³ÉʹÓøÃÎó²î¿ÉÒÔÈƹý Defender Credential Guard ʹÓÃµÄ Kerberos ±£»¤ ¡£ÏÖÔÚ¸ÃÎó²îÔÝδ±»¹ûÕæÅû¶ºÍʹÓã¬Î¢ÈíµÄ¿ÉʹÓÃÐÔÆÀ¹ÀΪ¡°Ê¹ÓõĿÉÄÜÐÔ½ÏС¡± ¡£

 

Ó°Ïì¹æÄ£

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 for ARM64-based Systems

Windows 11 for x64-based Systems

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

 

0x02 Çå¾²½¨Òé

ÕâЩÎó²îÒÑÔÚ2022Äê8ÔÂ9ÈÕÐû²¼µÄÇå¾²¸üÐÂÖÐÐÞ¸´£¬ÒÑ×°ÖÃ8ÔÂÇå¾²¸üеÄÓû§ÎÞÐè½ÓÄÉÆäËü²½·¥ ¡£

 

0x03 ²Î¿¼Á´½Ó

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-35822

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34711

 

0x04 °æ±¾ÐÅÏ¢

°æ±¾

ÈÕÆÚ

ÐÞ¸ÄÄÚÈÝ

V1.0

2022-08-17

Ê×´ÎÐû²¼

 

0x05 ¸½Â¼

×ðÁú¿­Ê±¼ò½é

×ðÁú¿­Ê±½¨ÉèÓÚ1996Ä꣬ÊÇÓÉÁôÃÀ²©Ê¿ÑÏÍû¼ÑŮʿ½¨ÉèµÄ¡¢ÓµÓÐÍêÈ«×ÔÖ÷֪ʶ²úȨµÄÐÅÏ¢Çå¾²¸ß¿Æ¼¼ÆóÒµ ¡£ÊǺ£ÄÚ×î¾ßʵÁ¦µÄÐÅÏ¢Çå¾²²úÆ·¡¢Çå¾²·þÎñ½â¾ö¼Æ»®µÄÁ캽ÆóÒµÖ®Ò» ¡£

¹«Ë¾×ܲ¿Î»ÓÚ±±¾©ÊÐÖйشåÈí¼þÔ°×ðÁú¿­Ê±´óÏ㬹«Ë¾Ô±¹¤½ü4000ÈË£¬Ñз¢ÍŶÓ1200ÓàÈË, ÊÖÒÕ·þÎñÍŶÓ1300ÓàÈË ¡£ÔÚÌìϸ÷Ê¡¡¢ÊС¢×ÔÖÎÇøÉèÁ¢·ÖÖ§»ú¹¹ÁùÊ®¶à¸ö£¬ÓµÓÐÁýÕÖÌìϵÄÏúÊÛϵͳ¡¢ÇþµÀϵͳºÍÊÖÒÕÖ§³Öϵͳ ¡£¹«Ë¾ÓÚ2010Äê6ÔÂ23ÈÕÔÚÉîÛÚÖÐС°å¹ÒÅÆÉÏÊÐ ¡££¨¹ÉƱ´úÂ룺002439£©

¶àÄêÀ´£¬×ðÁú¿­Ê±ÖÂÁ¦ÓÚÌṩ¾ßÓйú¼Ê¾ºÕùÁ¦µÄ×ÔÖ÷Á¢ÒìµÄÇå¾²²úÆ·ºÍ×î¼Ñʵ¼ù·þÎñ£¬×ÊÖú¿Í»§ÖÜÈ«ÌáÉýÆäIT»ù´¡ÉèÊ©µÄÇå¾²ÐÔºÍÉú²úЧÄÜ£¬Îª´òÔìºÍÌáÉý¹ú¼Ê»¯µÄÃñ×åÐÅÏ¢Çå¾²¹¤ÒµÁì¾üÆ·Åƶø²»Ð¸Æð¾¢ ¡£

 

¹ØÓÚ×ðÁú¿­Ê±

×ðÁú¿­Ê±Çå¾²Ó¦¼±ÏìÓ¦ÖÐÐÄÖ÷ÒªÕë¶ÔÖ÷ÒªÇå¾²Îó²îµÄÔ¤¾¯¡¢¸ú×ٺͷÖÏíÈ«Çò×îеÄÍþвÇ鱨ºÍÇå¾²±¨¸æ ¡£

¹Ø×¢ÒÔϹ«Öںţ¬»ñÈ¡È«Çò×îÐÂÇå¾²×ÊѶ£º

image.png