关于Microsoft WordPad信息泄露漏洞(CVE-2023-36563)的预警提示

发布者:jsut发布时间:2023-11-10浏览次数:538

一、漏洞详情

写字板(WordPad)是简单的文字处理器。自从Windows 95开始,Microsoft Windows大部分的版本都内建了这个软体。

近日,监测到 Microsoft WordPad信息泄露漏洞(CVE-2023-36563)wordpad在解析rtf文件包含的ole对象时会尝试访问Linked objectTopic指向的文件,如果Topic是一个UNC路径则会尝试通过网络访问,并尝试使用NTLM认证,导致泄露NTLM hash

建议受影响用户做好资产自查以及预防工作,以免遭受黑客攻击。

二、影响范围

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows 11 version 21H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

三、修复建议

下载对应目标系统的补丁并安装:https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-36563