一、漏洞详情
windows操作系统内核库中dwm(桌面窗口管理器)可在桌面上实现视觉效果以及各种功能,监测发现存在权限提升漏洞(cve-2024-30051)。
攻击者可以通过该漏洞劫持相关共享内存,控制内存数据,实现任意函数调用等功能,最终实现windows本地提权。该漏洞利用代码中适配了大多数windows 10和windows 11环境,且漏洞利用条件方式简单,危害性高。
建议受影响用户做好资产自查以及预防工作,以免遭受黑客攻击。
二、影响范围
windows 10 for 32-bit systems
windows 10 for x64-based systems
windows 10 version 1607 for 32-bit systems
windows 10 version 1607 for x64-based systems
windows 10 version 1809 for 32-bit systems
windows 10 version 1809 for arm64-based systems
windows 10 version 1809 for x64-based systems
windows 10 version 21h2 for 32-bit systems
windows 10 version 21h2 for arm64-based systems
windows 10 version 21h2 for x64-based systems
windows 10 version 22h2 for 32-bit systems
windows 10 version 22h2 for arm64-based systems
windows 10 version 22h2 for x64-based systems
windows 11 version 21h2 for arm64-based systems
windows 11 version 21h2 for x64-based systems
windows 11 version 22h2 for arm64-based systems
windows 11 version 22h2 for x64-based systems
windows 11 version 23h2 for arm64-based systems
windows 11 version 23h2 for x64-based systems
windows server 2016
windows server 2016 (server core installation)
windows server 2019
windows server 2019 (server core installation)
windows server 2022
windows server 2022 (server core installation)
三、修复建议
目前微软针对支持的产品已发布升级补丁修复了上述漏洞,请用户参考官方通告及时下载更新补丁。校园网提供了windows 系统补丁自动更新服务,通过安装自动更新脚本,可定期从校内补丁服务器自动更新各类最新补丁,详见http://winupdate.njau.edu.cn。