共计 2188 个字符,预计需要花费 6 分钟才能阅读完成。
产品介绍:
CVE-2024-38063 是一个影响 Windows TCP/IP 堆栈的严重远程代码执行(RCE)漏洞。攻击者可以通过发送特制的 IPv6 数据包远程利用此漏洞,从而在目标系统上执行任意代码。此漏洞特别危险,因为它涉及 TCP/IP 这一支撑互联网通信的核心协议套件,成功利用此漏洞可能导致广泛的系统破坏。
漏洞描述:
CVE-2024-38063 是一个存在于 Windows 系统中的 TCP/IP 堆栈处理 IPv6 流量时的远程代码执行漏洞。攻击者可以通过向目标主机发送精心构造的 IPv6 数据包,远程执行任意代码。由于漏洞利用不需要用户交互,这使得它成为一个“0click”漏洞,极大地降低了攻击的复杂性和成本。
此漏洞的高危性在于它仅需利用特定的 IPv6 数据包即可触发,因此启用了 IPv6 的系统面临较大的风险。微软建议禁用 IPv6 作为暂时的缓解措施,并已发布补丁修复此漏洞,涵盖了所有受支持的 Windows 和 Windows Server 版本,包括 Server Core 安装。
尽管 CVE-2024-38063 目前尚未被积极利用,但由于其攻击复杂性低、无须用户交互以及涉及到关键的网络协议组件,微软将其归类为“更有可能”被利用。对于启用了 IPv6 的系统,尽快应用补丁或采取禁用 IPv6 等防护措施显得尤为重要,以降低潜在的攻击风险。
影响范围:
CVE-2024-38063 漏洞受影响系统版本如下。
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack2
Windows Server 2008 for 32-bit Systems Service Pack 2(Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server 2022, 23H2 Edition (Server Core installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809。
安全措施:暂时禁用目标计算机上的 IPv6 请参考 Microsoft 官网,部署相应补丁
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38063