【漏洞预警】Windows ALPC本地提权漏洞(CVE-2019-1162)

  • 内容
  • 相关

2019年8月13日,MSRC(微软安全应急响应中心)发布安全通告修复了 Windows操作系统高级本地过程调用(ALPC)中的一个本地提权漏洞(CVE-2019-1162)。

Image


利用条件:

攻击者需要事先获得了在目标系统中执行代码的权限才可利用此漏洞。成功利用此漏洞的攻击者可提权至 SYSTEM 获取对目标系统的最高控制权。

目前该漏洞相关利用代码已被公开,建议尽早修复。

影响范围:

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1703 for 32-bit Systems

Windows 10 Version 1703 for x64-based Systems

Windows 10 Version 1709 for 32-bit Systems

Windows 10 Version 1709 for 64-based Systems

Windows 10 Version 1709 for ARM64-basedSystems

Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for ARM64-basedSystems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-basedSystems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1903 for 32-bit Systems

Windows 10 Version 1903 for ARM64-basedSystems

Windows 10 Version 1903 for x64-based Systems

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack1

Windows 8.1 for 32-bit systems

Windows 8.1 for x64-based systems

Windows RT 8.1

Windows Server 2008 for 32-bit SystemsService Pack 2

Windows Server 2008 for 32-bit SystemsService Pack 2 (Server Core installation)

Windows Server 2008 for Itanium-Based SystemsService Pack 2

Windows Server 2008 for x64-based SystemsService Pack 2

Windows Server 2008 for x64-based SystemsService Pack 2 (Server Core installation)

Windows Server 2008 R2 for Itanium-BasedSystems Service Pack 1

Windows Server 2008 R2 for x64-based SystemsService Pack 1

Windows Server 2008 R2 for x64-based SystemsService Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Coreinstallation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Coreinstallation)

Windows Server 2016

Windows Server 2016 (Server Coreinstallation)

Windows Server 2019

Windows Server 2019 (Server Coreinstallation)

Windows Server, version 1803 (Server CoreInstallation)

Windows Server, version 1903 (Server Coreinstallation)

修复建议:

微软官方目前已发布补丁以修复这些漏洞,请及时进行修复。

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1162

本文标签:

版权声明:若无特殊注明,本文皆为《舜哥哥吖》原创,转载请保留文章出处。

本文链接:【漏洞预警】Windows ALPC本地提权漏洞(CVE-2019-1162) - http://www.shungg.cn/post/245

发表评论

电子邮件地址不会被公开。 必填项已用*标注

评论

2条评论
  1. avatar

    ddosliu Lv.1 Chrome 76.0.3809.132 Chrome 76.0.3809.132 Windows 7 Windows 7 回复

    表情 写得好好哟,我要给你生猴子!

    山东省 联通

    1. avatar

      绅士福利 Lv.1 Chrome 75.0.3770.142 Chrome 75.0.3770.142 Windows Windows 回复

      黑客技术??

      江苏省苏州市 电信