¡¾Îó²îͨ¸æ¡¿Windows TCP/IPÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2024-38063£©

Ðû²¼Ê±¼ä 2024-08-19


Ò»¡¢Îó²î¸ÅÊö

Îó²îÃû³Æ

Windows TCP/IPÔ¶³Ì´úÂëÖ´ÐÐÎó²î

CVE   ID

CVE-2024-38063

Îó²îÀàÐÍ

RCE

·¢Ã÷ʱ¼ä

2024-08-14

Îó²îÆÀ·Ö

9.8

Îó²îÆ·¼¶

ÑÏÖØ

¹¥»÷ÏòÁ¿

ÍøÂç

ËùÐèȨÏÞ

ÎÞ

ʹÓÃÄѶÈ

µÍ

Óû§½»»¥

ÎÞ

PoC/EXP

ÒѹûÕæ

ÔÚҰʹÓÃ

δ·¢Ã÷

 

Windows TCP/IP ÊÇ Windows ²Ù×÷ϵͳÖÐÓÃÓÚÍøÂçͨѶµÄ½¹µãЭÒéÕ» £¬£¬£¬£¬Ëü×ñÕÕTCP£¨´«Êä¿ØÖÆЭÒ飩ºÍIP£¨»¥ÁªÍøЭÒ飩±ê×¼¡£¡£¡£Windows TCP/IP ЭÒéÕ»Ö§³Ö²Ù×÷ϵͳÓëÆäËûÅÌËã»úºÍÍøÂç×°±¸£¨Èç·ÓÉÆ÷¡¢Ð§ÀÍÆ÷¡¢¿Í»§¶ËµÈ£©¾ÙÐÐͨѶ £¬£¬£¬£¬ÊÇËùÓлùÓÚÍøÂçµÄ²Ù×÷ºÍÓ¦ÓõĻù´¡¡£¡£¡£

2024Äê8ÔÂ14ÈÕ £¬£¬£¬£¬¿­Ê±K66¼¯ÍÅVSRC¼à²âµ½Î¢ÈíÐû²¼8ÔÂÇå¾²¸üР£¬£¬£¬£¬ÐÞ¸´ÁËWindows TCP/IP Ô¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2024-38063£© £¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ9.8 £¬£¬£¬£¬»áÓ°ÏìËùÓÐʹÓà IPv6£¨Ä¬ÈÏÆôÓã©µÄ Windows ϵͳ¡£¡£¡£

Windows TCP/IPÖб£´æÕûÊýÏÂÒçÎó²î £¬£¬£¬£¬¿ÉʹÓøÃÎó²î´¥·¢»º³åÇøÒç³ö £¬£¬£¬£¬Î´¾­Éí·ÝÑéÖ¤µÄÍþвÕß¿Éͨ¹ýÏòÊÜÓ°ÏìµÄWindows ÅÌËã»úÖظ´·¢ËÍÌØÖÆIPv6 Êý¾Ý°üÀ´Ê¹ÓøÃÎó²î £¬£¬£¬£¬ÀÖ³ÉʹÓÿÉÄܵ¼Ö¾ܾøЧÀÍ»òÔ¶³Ì´úÂëÖ´ÐС£¡£¡£


¶þ¡¢Îó²î¸´ÏÖ

¡¾Îó²î¸´ÏÖ¡¿Windows TCPIPÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2024-38063£©.jpg


Èý¡¢Ó°Ïì¹æÄ£

Windows 11 Version 24H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows Server 2022, 23H2 Edition (Server Core installation)

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems


ËÄ¡¢Çå¾²²½·¥

4.1 Éý¼¶°æ±¾

ÏÖÔÚ΢ÈíÒÑÐû²¼Á˸ÃÎó²îµÄÇå¾²¸üР£¬£¬£¬£¬¼øÓÚÎó²îµÄÑÏÖØÐÔ £¬£¬£¬£¬½¨ÒéÊÜÓ°ÏìÓû§¾¡¿ìÐÞ¸´¡£¡£¡£

£¨Ò»£© Windows Update×Ô¶¯¸üÐÂ

Microsoft UpdateĬÈÏÆôÓà £¬£¬£¬£¬µ±ÏµÍ³¼ì²âµ½¿ÉÓøüÐÂʱ £¬£¬£¬£¬½«»á×Ô¶¯ÏÂÔظüв¢ÔÚÏÂÒ»´ÎÆô¶¯Ê±×°Öᣡ£¡£Ò²¿ÉÑ¡Ôñͨ¹ýÒÔÏ°취ÊÖ¶¯¾ÙÐиüУº

1¡¢µã»÷¡°×îÏȲ˵¥¡±»ò°´Windows¿ì½Ý¼ü £¬£¬£¬£¬µã»÷½øÈë¡°ÉèÖá±

2¡¢Ñ¡Ôñ¡°¸üкÍÇå¾²¡± £¬£¬£¬£¬½øÈë¡°Windows¸üС±£¨Windows 8¡¢Windows 8.1¡¢Windows Server 2012ÒÔ¼°Windows Server 2012 R2¿Éͨ¹ý¿ØÖÆÃæ°å½øÈë¡°Windows¸üС± £¬£¬£¬£¬Ïêϸ°ì·¨Îª¡°¿ØÖÆÃæ°å¡±->¡°ÏµÍ³ºÍÇå¾²¡±->¡°Windows¸üС±£©

3¡¢Ñ¡Ôñ¡°¼ì²é¸üС± £¬£¬£¬£¬ÆÚ´ýϵͳ×Ô¶¯¼ì²é²¢ÏÂÔØ¿ÉÓøüС£¡£¡£

4¡¢¸üÐÂÍê³ÉºóÖØÆôÅÌËã»ú £¬£¬£¬£¬¿Éͨ¹ý½øÈë¡°Windows¸üС±->¡°Éó²é¸üÐÂÀúÊ·¼Í¼¡±Éó²éÊÇ·ñÀÖ³É×°ÖÃÁ˸üС£¡£¡£¹ØÓÚûÓÐÀÖ³É×°ÖõĸüР£¬£¬£¬£¬¿ÉÒÔµã»÷¸Ã¸üÐÂÃû³Æ½øÈë΢Èí¹Ù·½¸üÐÂÐÎòÁ´½Ó £¬£¬£¬£¬µã»÷×îеÄSSUÃû³Æ²¢ÔÚÐÂÁ´½ÓÖеã»÷¡°Microsoft ¸üÐÂĿ¼¡± £¬£¬£¬£¬È»ºóÔÚÐÂÁ´½ÓÖÐÑ¡ÔñÊÊÓÃÓÚÄ¿µÄϵͳµÄ²¹¶¡¾ÙÐÐÏÂÔز¢×°Öᣡ£¡£

£¨¶þ£© ÊÖ¶¯×°ÖøüÐÂ

Microsoft¹Ù·½ÏÂÔØÏìÓ¦²¹¶¡¾ÙÐиüС£¡£¡£

ÏÂÔØÁ´½Ó£º

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063

WindowsÖпÉͨ¹ý¿ØÖÆÃæ°å-³ÌÐòºÍ¹¦Ð§-Éó²éÒÑ×°ÖõĸüÐÂÅÌÎÊÄ¿½ñϵͳÒÑ×°ÖõĸüР£¬£¬£¬£¬ÈôÊÇϵͳÉÐδװÖÃÏìÓ¦²¹¶¡ £¬£¬£¬£¬¿ÉÊÖ¶¯ÏÂÔØ×°Öᣡ£¡£

4.2 ÔÝʱ²½·¥

ÈôÊÇÄ¿µÄÅÌËã»úÉϽûÓà IPv6 £¬£¬£¬£¬ÏµÍ³²»»áÊܵ½Ó°Ïì £¬£¬£¬£¬ÍâµØWindows·À»ðǽÉÏ×èÖ¹IPv6²»¿É×èÖ¹Îó²îʹÓᣡ£¡£ÎÞ·¨Á¬Ã¦×°ÖÃ8Ô Windows Çå¾²¸üеÄÓû§¿Éͨ¹ý½ûÓà IPv6 Ïû³ý¹¥»÷ÃæÀ´»º½â¸ÃÎó²î¡£¡£¡£×¢ÖØ £¬£¬£¬£¬½ûÓà IPv6 ¿ÉÄÜ»áÓ°ÏìijЩÒÀÀµ IPv6 µÄÓ¦ÓóÌÐòºÍЧÀÍ £¬£¬£¬£¬»òÕß¿ÉÄܻᵼÖÂijЩ Windows ×é¼þ×èÖ¹ÊÂÇé¡£¡£¡£

½ûÓÃIPv6

¿Éͨ¹ýÒÔÏ·½·¨Ö®Ò»»òÆäËû·½·¨½ûÓÃIPv6£º

1£®Ê¹ÓÃÍøÂçÊÊÅäÆ÷ÉèÖ㨵¥¸ö½ûÓã©

·­¿ªÍøÂçºÍ¹²ÏíÖÐÐÄ £¬£¬£¬£¬¿Éͨ¹ý¿ØÖÆÃæ°å - ËùÓпØÖÆÃæ°åÏî - ÍøÂçºÍ¹²ÏíÖÐÐÄ-¸ü¸ÄÊÊÅäÆ÷ÉèÖà £¬£¬£¬£¬ÕÒµ½Ä¿µÄÍøÂçÅþÁ¬£¨Èç¡°ÒÔÌ«Íø¡±»ò¡°Wi-Fi¡±£© £¬£¬£¬£¬ÓÒ¼üµ¥»÷²¢Ñ¡Ôñ¡°ÊôÐÔ¡± £¬£¬£¬£¬ÔÚÍøÂçÊôÐÔ´°¿ÚÖÐ £¬£¬£¬£¬ÕÒµ½¡°Internet ЭÒé°æ±¾ 6 (TCP/IPv6)¡± £¬£¬£¬£¬×÷·Ï¹´Ñ¡Ëü £¬£¬£¬£¬È»ºóµã»÷¡°È·¶¨¡±¡£¡£¡£

2. ʹÓÃÖÎÀíԱȨÏÞ·­¿ªPowerShell £¬£¬£¬£¬Æ¾Ö¤ÐèÇóÖ´ÐÐÒÔϲÙ×÷£¨Í³Ò»½ûÓã©£º

·­¿ª PowerShell£¨ÖÎÀíÔ±£© £¬£¬£¬£¬¿ÉʹÓÃÒÔÏÂÏÂÁîÀ´Éó²éÍøÂçÊÊÅäÆ÷µÄ°ó¶¨×´Ì¬ £¬£¬£¬£¬È·ÈÏ IPv6 ÊÇ·ñÒѱ»ÆôÓãº

Get-NetAdapterBinding -ComponentID ms_tcpip6

Ö´ÐÐÒÔÏÂÏÂÁîÒÔ½ûÓÃËùÓÐÍøÂç½Ó¿ÚµÄ IPv6£º

Disable-NetAdapterBinding -Name "*" -ComponentID ms_tcpip6

ÈôÊÇÐèÒª×÷·Ï½ûÓòÙ×÷ £¬£¬£¬£¬Ö´ÐÐÒÔÏÂÏÂÁÖØÐÂÆôÓÃËùÓÐÍøÂçÊÊÅäÆ÷É쵀 IPv6£º

Enable-NetAdapterBinding -Name "*" -ComponentID ms_tcpip6

ÈçͼËùʾ£º

image.png                                                                                             

4.3 ͨÓý¨Òé

l  °´ÆÚ¸üÐÂϵͳ²¹¶¡ £¬£¬£¬£¬ïÔ̭ϵͳÎó²î £¬£¬£¬£¬ÌáÉýЧÀÍÆ÷µÄÇå¾²ÐÔ¡£¡£¡£

l  ÔöǿϵͳºÍÍøÂçµÄ»á¼û¿ØÖÆ £¬£¬£¬£¬Ð޸ķÀ»ðǽսÂÔ £¬£¬£¬£¬¹Ø±Õ·ÇÐëÒªµÄÓ¦Óö˿ڻòЧÀÍ £¬£¬£¬£¬ïÔÌ­½«Î£ÏÕЧÀÍ£¨ÈçSSH¡¢RDPµÈ£©Ì»Â¶µ½¹«Íø £¬£¬£¬£¬ïÔÌ­¹¥»÷Ãæ¡£¡£¡£

l  ʹÓÃÆóÒµ¼¶Çå¾²²úÆ· £¬£¬£¬£¬ÌáÉýÆóÒµµÄÍøÂçÇå¾²ÐÔÄÜ¡£¡£¡£

l  ÔöǿϵͳÓû§ºÍȨÏÞÖÎÀí £¬£¬£¬£¬ÆôÓöàÒòËØÈÏÖ¤»úÖƺÍ×îСȨÏÞÔ­Ôò £¬£¬£¬£¬Óû§ºÍÈí¼þȨÏÞÓ¦¼á³ÖÔÚ×îµÍÏ޶ȡ£¡£¡£

l  ÆôÓÃÇ¿ÃÜÂëÕ½ÂÔ²¢ÉèÖÃΪ°´ÆÚÐ޸ġ£¡£¡£ 

4.4 ²Î¿¼Á´½Ó

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063

https://msrc.microsoft.com/update-guide/releaseNote/2024-Aug


Îå¡¢°æ±¾ÐÅÏ¢

°æ±¾

ÈÕÆÚ

±¸×¢

V1.0

2024-08-16

Ê×´ÎÐû²¼

V1.1

2024-08-28

¸üÐÂPoC״̬ £¬£¬£¬£¬ÐÂÔöÎó²î¸´ÏÖ


Áù¡¢¸½Â¼

6.1 ¿­Ê±K66¼ò½é

¿­Ê±K66½¨ÉèÓÚ1996Äê £¬£¬£¬£¬ÊÇÓÉÁôÃÀ²©Ê¿ÑÏÍû¼ÑŮʿ½¨ÉèµÄ¡¢ÓµÓÐÍêÈ«×ÔÖ÷֪ʶ²úȨµÄÐÅÏ¢Çå¾²¸ß¿Æ¼¼ÆóÒµ¡£¡£¡£ÊǺ£ÄÚ×î¾ßʵÁ¦µÄÐÅÏ¢Çå¾²²úÆ·¡¢Ç徲ЧÀͽâ¾ö¼Æ»®µÄÁ캽ÆóÒµÖ®Ò»¡£¡£¡£

¹«Ë¾×ܲ¿Î»ÓÚ±±¾©ÊÐÖйشåÈí¼þÔ°¿­Ê±K66´óÏà £¬£¬£¬£¬¹«Ë¾Ô±¹¤6000ÓàÈË £¬£¬£¬£¬Ñз¢ÍŶÓ1200ÓàÈË, ÊÖÒÕЧÀÍÍŶÓ1300ÓàÈË¡£¡£¡£ÔÚÌìϸ÷Ê¡¡¢ÊС¢×ÔÖÎÇøÉèÁ¢·ÖÖ§»ú¹¹ÁùÊ®¶à¸ö £¬£¬£¬£¬ÓµÓÐÁýÕÖÌìϵÄÏúÊÛϵͳ¡¢ÇþµÀϵͳºÍÊÖÒÕÖ§³Öϵͳ¡£¡£¡£¹«Ë¾ÓÚ2010Äê6ÔÂ23ÈÕÔÚÉîÛÚÖÐС°å¹ÒÅÆÉÏÊС£¡£¡££¨¹ÉƱ´úÂ룺002439£©

¶àÄêÀ´ £¬£¬£¬£¬¿­Ê±K66ÖÂÁ¦ÓÚÌṩ¾ßÓйú¼Ê¾ºÕùÁ¦µÄ×ÔÖ÷Á¢ÒìµÄÇå¾²²úÆ·ºÍ×î¼Ñʵ¼ùЧÀÍ £¬£¬£¬£¬×ÊÖú¿Í»§ÖÜÈ«ÌáÉýÆäIT»ù´¡ÉèÊ©µÄÇå¾²ÐÔºÍÉú²úЧÄÜ £¬£¬£¬£¬Îª´òÔìºÍÌáÉý¹ú¼Ê»¯µÄÃñ×åÐÅÏ¢Çå¾²¹¤ÒµÁì¾üÆ·Åƶø²»Ð¸Æ𾢡£¡£¡£

6.2 ¹ØÓÚ¿­Ê±K66

¿­Ê±K66Çå¾²Ó¦¼±ÏìÓ¦ÖÐÐÄÒÑÐû²¼1000¶à¸öÎó²îͨ¸æºÍΣº¦Ô¤¾¯ £¬£¬£¬£¬ÎÒÃǽ«Ò»Á¬¸ú×ÙÈ«Çò×îеÄÍøÂçÇå¾²ÊÂÎñºÍÎó²î £¬£¬£¬£¬ÎªÆóÒµµÄÐÅÏ¢Çå¾²±£¼Ý»¤º½¡£¡£¡£

¹Ø×¢ÎÒÃÇ£º

image.png