Service Notice
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability (CVE-2022-30190)
2022-06-02
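I. Summary
Recently, Huawei Cloud noted that security researchers have disclosed technical details of a vulnerability code-named "Follina", which uses the Windows Support Diagnostic Tool (MSDT) to achieve remote code execution. According to Microsoft's description, a remote code execution vulnerability (CVE-2022-30190) exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. EXP/PoC code is already public and in-the-wild exploitation has been observed, so the risk is high.
Huawei Cloud reminds users to run a self-check and apply security hardening as soon as possible.
Reference link: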
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190
II. Severity
Severity: [Severe]
(Note: there are four severity levels: General, Important, Severe, Urgent)
III. Affected Scope
Affected versions:
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2022 Azure Edition Core Hotpatch
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
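Secure versions: none at present
V. Security Recommendations
As of now, Microsoft has not released a security patch. Affected users should follow Microsoft's patch release progress and upgrade promptly once a fix is available.
Mitigations:
1. Be wary of opening email attachments or documents from unknown sources;
2. Disable the MSDT URL protocol: following the official mitigation guidance, disable the MSDT URL protocol, or use Microsoft Defender detection and protection as a temporary mitigation. For details, see: guidance-for-cve-2022-30190-microsoft-support-diagnostic-tool-vulnerability
Note: Back up your data and test thoroughly before fixing the vulnerability.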
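One way to apply mitigation 2 with the backup the note asks for, as an added example that is not part of the original notice: the script exports the `HKEY_CLASSES_ROOT\ms-msdt` key named in Microsoft's workaround, deletes it only if the export succeeded, and can re-import the backup later. The backup directory, file naming and `-Restore` switch are assumptions of this example.

```powershell
# Added example: back up, then remove, the ms-msdt URL protocol handler.
# Run from an elevated PowerShell session on the affected host.
param(
    [string]$BackupDir = 'C:\Temp\msdt-backup',  # assumption: any writable directory
    [switch]$Restore                             # re-import the newest saved backup
)

$KeyNative = 'HKEY_CLASSES_ROOT\ms-msdt'         # form expected by reg.exe
$KeyPS     = "Registry::$KeyNative"              # form expected by Test-Path

$principal = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated (Administrator) PowerShell session.'
}

if ($Restore) {
    # Undo the workaround once the vendor patch is installed and tested.
    $latest = Get-ChildItem -Path $BackupDir -Filter 'ms-msdt-*.reg' -ErrorAction Stop |
        Sort-Object LastWriteTime -Descending | Select-Object -First 1
    if (-not $latest) { throw "No backup found in $BackupDir" }
    & reg.exe import $latest.FullName
    if ($LASTEXITCODE -ne 0) { throw "reg import failed ($LASTEXITCODE)" }
    Write-Output "Restored handler from $($latest.FullName)"
    return
}

if (-not (Test-Path -LiteralPath $KeyPS)) {
    Write-Output 'ms-msdt handler is not registered; nothing to do.'
    return
}

# Export first; refuse to delete if the backup file was not written.
New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
$backup = Join-Path $BackupDir ("ms-msdt-{0:yyyyMMdd-HHmmss}.reg" -f (Get-Date))
& reg.exe export $KeyNative $backup /y
if ($LASTEXITCODE -ne 0 -or -not (Test-Path -LiteralPath $backup)) {
    throw 'Backup failed; the key was NOT deleted.'
}

& reg.exe delete $KeyNative /f
if ($LASTEXITCODE -ne 0) { throw "reg delete failed ($LASTEXITCODE)" }

# Confirm the handler is gone so ms-msdt: links no longer launch MSDT.
if (Test-Path -LiteralPath $KeyPS) { throw 'Key still present after delete.' }
Write-Output "ms-msdt handler removed; backup saved to $backup"
```

Running the same script with `-Restore` re-imports the most recent backup from the backup directory.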