CVE-2020-1457/1425: Microsoft Windows 編解碼器庫遠程執行代碼漏洞
360-CERT [三六零CERT](javascript:void(0)😉 今天
0x00 漏洞背景
2020年07月01日, 360CERT監測發現 Microsoft官方
發佈了 Microsoft Windows 編解碼器庫遠程執行代碼漏洞
的風險通告,該漏洞編號爲 CVE-2020-1457
和CVE-2020-1425
,漏洞等級:嚴重
。
Microsoft Windows
是美國微軟公司研發的一套操作系統,Windows Codecs Library
是其中的一個音頻、視頻文件編解碼器。
Microsoft Windows
編解碼器庫處理內存中的對象的方式中存在遠程代碼執行漏洞,攻擊者可利用該漏洞,藉助特製圖像文件執行任意代碼。
對此,360CERT建議廣大用戶及時安裝最新補丁,做好資產自查以及預防工作,以免遭受黑客攻擊。
0x01 風險等級
360CERT對該漏洞的評定結果如下
評定方式 | 等級 |
---|---|
威脅等級 | 嚴重 |
影響面 | 廣泛 |
0x02 漏洞詳情
Microsoft Windows
編解碼器庫處理內存中的對象的方式中存在遠程代碼執行漏洞,攻擊者可利用該漏洞,藉助特製圖像文件執行任意代碼。
0x03 影響版本
- Windows 10 Version 1709 for 32-bit Systems
- Windows 10 Version 1709 for ARM64-based Systems
- Windows 10 Version 1709 for x64-based Systems
- Windows 10 Version 1803 for 32-bit Systems
- Windows 10 Version 1803 for ARM64-based Systems
- Windows 10 Version 1803 for x64-based Systems
- Windows 10 Version 1809 for 32-bit Systems
- Windows 10 Version 1809 for ARM64-based Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1903 for 32-bit Systems
- Windows 10 Version 1903 for ARM64-based Systems
- Windows 10 Version 1903 for x64-based Systems
- Windows 10 Version 1909 for 32-bit Systems
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 1909 for x64-based Systems
- Windows 10 Version 2004 for 32-bit Systems
- Windows 10 Version 2004 for ARM64-based Systems
- Windows 10 Version 2004 for x64-based Systems
- Windows Server 2019
- Windows Server 2019 (Server Core installation)
- Windows Server, version 1709 (Server Core Installation)
- Windows Server, version 1803 (Server Core Installation)
- Windows Server, version 1903 (Server Core installation)
- Windows Server, version 1909 (Server Core installation)
- Windows Server, version 2004 (Server Core installation)
0x04 修復建議
通用修補建議:
用戶可以通過Microsoft Store App
自行檢查更新,詳細信息可以參考:Get updates for apps and games in Microsoft Store
https://support.microsoft.com/en-us/help/4026259/microsoft-store-get-updates-for-apps-and-games
0x05 時間線
2020-06-30 Microsoft官方發佈通告
2020-07-01 360CERT發佈通告
0x06 參考鏈接
- CVE-2020-1425 | Microsoft Windows Codecs Library Remote Code Execution Vulnerability [https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1425]
- CVE-2020-1457 | Microsoft Windows Codecs Library Remote Code Execution Vulnerability [https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1457]
轉載自https://mp.weixin.qq.com/s/wBilgix5TAPyZ1IUxpk39g