¡¾Îó²îͨ¸æ¡¿Windows TCP/IPÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2024-38063£©

Ðû²¼Ê±¼ä 2024-08-19


Ò»¡¢Îó²î¸ÅÊö

Îó²îÃû³Æ

Windows TCP/IPÔ¶³Ì´úÂëÖ´ÐÐÎó²î

CVE   ID

CVE-2024-38063

Îó²îÀàÐÍ

RCE

·¢Ã÷ʱ¼ä

2024-08-14

Îó²îÆÀ·Ö

9.8

Îó²îÆ·¼¶

ÑÏÖØ

¹¥»÷ÏòÁ¿

ÍøÂç

ËùÐèȨÏÞ

ÎÞ

ʹÓÃÄѶÈ

µÍ

Óû§½»»¥

ÎÞ

PoC/EXP

ÒѹûÕæ

ÔÚҰʹÓÃ

δ·¢Ã÷

 

Windows TCP/IP ÊÇ Windows ²Ù×÷ϵͳÖÐÓÃÓÚÍøÂçͨѶµÄ½¹µãЭÒéÕ»£¬£¬£¬Ëü×ñÕÕTCP£¨´«Êä¿ØÖÆЭÒ飩ºÍIP£¨»¥ÁªÍøЭÒ飩±ê×¼¡£¡£¡£Windows TCP/IP ЭÒéÕ»Ö§³Ö²Ù×÷ϵͳÓëÆäËûÅÌËã»úºÍÍøÂç×°±¸£¨Èç·ÓÉÆ÷¡¢Ð§ÀÍÆ÷¡¢¿Í»§¶ËµÈ£©¾ÙÐÐͨѶ£¬£¬£¬ÊÇËùÓлùÓÚÍøÂçµÄ²Ù×÷ºÍÓ¦ÓõĻù´¡¡£¡£¡£

2024Äê8ÔÂ14ÈÕ£¬£¬£¬c7c7ÓéÀÖƽ̨¼¯ÍÅVSRC¼à²âµ½Î¢ÈíÐû²¼8ÔÂÇå¾²¸üУ¬£¬£¬ÐÞ¸´ÁËWindows TCP/IP Ô¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2024-38063£©£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ9.8£¬£¬£¬»áÓ°ÏìËùÓÐʹÓà IPv6£¨Ä¬ÈÏÆôÓã©µÄ Windows ϵͳ¡£¡£¡£

Windows TCP/IPÖб£´æÕûÊýÏÂÒçÎó²î£¬£¬£¬¿ÉʹÓøÃÎó²î´¥·¢»º³åÇøÒç³ö£¬£¬£¬Î´¾­Éí·ÝÑéÖ¤µÄÍþвÕß¿Éͨ¹ýÏòÊÜÓ°ÏìµÄWindows ÅÌËã»úÖظ´·¢ËÍÌØÖÆIPv6 Êý¾Ý°üÀ´Ê¹ÓøÃÎó²î£¬£¬£¬ÀÖ³ÉʹÓÿÉÄܵ¼Ö¾ܾøЧÀÍ»òÔ¶³Ì´úÂëÖ´ÐС£¡£¡£


¶þ¡¢Îó²î¸´ÏÖ

¡¾Îó²î¸´ÏÖ¡¿Windows TCPIPÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2024-38063£©.jpg


Èý¡¢Ó°Ïì¹æÄ£

Windows 11 Version 24H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows Server 2022, 23H2 Edition (Server Core installation)

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems


ËÄ¡¢Çå¾²²½·¥

4.1 Éý¼¶°æ±¾

ÏÖÔÚ΢ÈíÒÑÐû²¼Á˸ÃÎó²îµÄÇå¾²¸üУ¬£¬£¬¼øÓÚÎó²îµÄÑÏÖØÐÔ£¬£¬£¬½¨ÒéÊÜÓ°ÏìÓû§¾¡¿ìÐÞ¸´¡£¡£¡£

£¨Ò»£© Windows Update×Ô¶¯¸üÐÂ

Microsoft UpdateĬÈÏÆôÓ㬣¬£¬µ±ÏµÍ³¼ì²âµ½¿ÉÓøüÐÂʱ£¬£¬£¬½«»á×Ô¶¯ÏÂÔظüв¢ÔÚÏÂÒ»´ÎÆô¶¯Ê±×°Öᣡ£¡£Ò²¿ÉÑ¡Ôñͨ¹ýÒÔÏ°취ÊÖ¶¯¾ÙÐиüУº

1¡¢µã»÷¡°×îÏȲ˵¥¡±»ò°´Windows¿ì½Ý¼ü£¬£¬£¬µã»÷½øÈë¡°ÉèÖá±

2¡¢Ñ¡Ôñ¡°¸üкÍÇå¾²¡±£¬£¬£¬½øÈë¡°Windows¸üС±£¨Windows 8¡¢Windows 8.1¡¢Windows Server 2012ÒÔ¼°Windows Server 2012 R2¿Éͨ¹ý¿ØÖÆÃæ°å½øÈë¡°Windows¸üС±£¬£¬£¬Ïêϸ°ì·¨Îª¡°¿ØÖÆÃæ°å¡±->¡°ÏµÍ³ºÍÇå¾²¡±->¡°Windows¸üС±£©

3¡¢Ñ¡Ôñ¡°¼ì²é¸üС±£¬£¬£¬ÆÚ´ýϵͳ×Ô¶¯¼ì²é²¢ÏÂÔØ¿ÉÓøüС£¡£¡£

4¡¢¸üÐÂÍê³ÉºóÖØÆôÅÌËã»ú£¬£¬£¬¿Éͨ¹ý½øÈë¡°Windows¸üС±->¡°Éó²é¸üÐÂÀúÊ·¼Í¼¡±Éó²éÊÇ·ñÀÖ³É×°ÖÃÁ˸üС£¡£¡£¹ØÓÚûÓÐÀÖ³É×°ÖõĸüУ¬£¬£¬¿ÉÒÔµã»÷¸Ã¸üÐÂÃû³Æ½øÈë΢Èí¹Ù·½¸üÐÂÐÎòÁ´½Ó£¬£¬£¬µã»÷×îеÄSSUÃû³Æ²¢ÔÚÐÂÁ´½ÓÖеã»÷¡°Microsoft ¸üÐÂĿ¼¡±£¬£¬£¬È»ºóÔÚÐÂÁ´½ÓÖÐÑ¡ÔñÊÊÓÃÓÚÄ¿µÄϵͳµÄ²¹¶¡¾ÙÐÐÏÂÔز¢×°Öᣡ£¡£

£¨¶þ£© ÊÖ¶¯×°ÖøüÐÂ

Microsoft¹Ù·½ÏÂÔØÏìÓ¦²¹¶¡¾ÙÐиüС£¡£¡£

ÏÂÔØÁ´½Ó£º

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063

WindowsÖпÉͨ¹ý¿ØÖÆÃæ°å-³ÌÐòºÍ¹¦Ð§-Éó²éÒÑ×°ÖõĸüÐÂÅÌÎÊÄ¿½ñϵͳÒÑ×°ÖõĸüУ¬£¬£¬ÈôÊÇϵͳÉÐδװÖÃÏìÓ¦²¹¶¡£¬£¬£¬¿ÉÊÖ¶¯ÏÂÔØ×°Öᣡ£¡£

4.2 ÔÝʱ²½·¥

ÈôÊÇÄ¿µÄÅÌËã»úÉϽûÓà IPv6£¬£¬£¬ÏµÍ³²»»áÊܵ½Ó°Ï죬£¬£¬ÍâµØWindows·À»ðǽÉÏ×èÖ¹IPv6²»¿É×èÖ¹Îó²îʹÓᣡ£¡£ÎÞ·¨Á¬Ã¦×°ÖÃ8Ô Windows Çå¾²¸üеÄÓû§¿Éͨ¹ý½ûÓà IPv6 Ïû³ý¹¥»÷ÃæÀ´»º½â¸ÃÎó²î¡£¡£¡£×¢ÖØ£¬£¬£¬½ûÓà IPv6 ¿ÉÄÜ»áÓ°ÏìijЩÒÀÀµ IPv6 µÄÓ¦ÓóÌÐòºÍЧÀÍ£¬£¬£¬»òÕß¿ÉÄܻᵼÖÂijЩ Windows ×é¼þ×èÖ¹ÊÂÇé¡£¡£¡£

½ûÓÃIPv6

¿Éͨ¹ýÒÔÏ·½·¨Ö®Ò»»òÆäËû·½·¨½ûÓÃIPv6£º

1£®Ê¹ÓÃÍøÂçÊÊÅäÆ÷ÉèÖ㨵¥¸ö½ûÓã©

·­¿ªÍøÂçºÍ¹²ÏíÖÐÐÄ£¬£¬£¬¿Éͨ¹ý¿ØÖÆÃæ°å - ËùÓпØÖÆÃæ°åÏî - ÍøÂçºÍ¹²ÏíÖÐÐÄ-¸ü¸ÄÊÊÅäÆ÷ÉèÖ㬣¬£¬ÕÒµ½Ä¿µÄÍøÂçÅþÁ¬£¨Èç¡°ÒÔÌ«Íø¡±»ò¡°Wi-Fi¡±£©£¬£¬£¬ÓÒ¼üµ¥»÷²¢Ñ¡Ôñ¡°ÊôÐÔ¡±£¬£¬£¬ÔÚÍøÂçÊôÐÔ´°¿ÚÖУ¬£¬£¬ÕÒµ½¡°Internet ЭÒé°æ±¾ 6 (TCP/IPv6)¡±£¬£¬£¬×÷·Ï¹´Ñ¡Ëü£¬£¬£¬È»ºóµã»÷¡°È·¶¨¡±¡£¡£¡£

2. ʹÓÃÖÎÀíԱȨÏÞ·­¿ªPowerShell£¬£¬£¬Æ¾Ö¤ÐèÇóÖ´ÐÐÒÔϲÙ×÷£¨Í³Ò»½ûÓã©£º

·­¿ª PowerShell£¨ÖÎÀíÔ±£©£¬£¬£¬¿ÉʹÓÃÒÔÏÂÏÂÁîÀ´Éó²éÍøÂçÊÊÅäÆ÷µÄ°ó¶¨×´Ì¬£¬£¬£¬È·ÈÏ IPv6 ÊÇ·ñÒѱ»ÆôÓãº

Get-NetAdapterBinding -ComponentID ms_tcpip6

Ö´ÐÐÒÔÏÂÏÂÁîÒÔ½ûÓÃËùÓÐÍøÂç½Ó¿ÚµÄ IPv6£º

Disable-NetAdapterBinding -Name "*" -ComponentID ms_tcpip6

ÈôÊÇÐèÒª×÷·Ï½ûÓòÙ×÷£¬£¬£¬Ö´ÐÐÒÔÏÂÏÂÁÖØÐÂÆôÓÃËùÓÐÍøÂçÊÊÅäÆ÷É쵀 IPv6£º

Enable-NetAdapterBinding -Name "*" -ComponentID ms_tcpip6

ÈçͼËùʾ£º

image.png                                                                                             

4.3 ͨÓý¨Òé

l  °´ÆÚ¸üÐÂϵͳ²¹¶¡£¬£¬£¬ïÔ̭ϵͳÎó²î£¬£¬£¬ÌáÉýЧÀÍÆ÷µÄÇå¾²ÐÔ¡£¡£¡£

l  ÔöǿϵͳºÍÍøÂçµÄ»á¼û¿ØÖÆ£¬£¬£¬Ð޸ķÀ»ðǽսÂÔ£¬£¬£¬¹Ø±Õ·ÇÐëÒªµÄÓ¦Óö˿ڻòЧÀÍ£¬£¬£¬ïÔÌ­½«Î£ÏÕЧÀÍ£¨ÈçSSH¡¢RDPµÈ£©Ì»Â¶µ½¹«Íø£¬£¬£¬ïÔÌ­¹¥»÷Ãæ¡£¡£¡£

l  ʹÓÃÆóÒµ¼¶Çå¾²²úÆ·£¬£¬£¬ÌáÉýÆóÒµµÄÍøÂçÇå¾²ÐÔÄÜ¡£¡£¡£

l  ÔöǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬£¬£¬ÆôÓöàÒòËØÈÏÖ¤»úÖƺÍ×îСȨÏÞÔ­Ôò£¬£¬£¬Óû§ºÍÈí¼þȨÏÞÓ¦¼á³ÖÔÚ×îµÍÏ޶ȡ£¡£¡£

l  ÆôÓÃÇ¿ÃÜÂëÕ½ÂÔ²¢ÉèÖÃΪ°´ÆÚÐ޸ġ£¡£¡£ 

4.4 ²Î¿¼Á´½Ó

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063

https://msrc.microsoft.com/update-guide/releaseNote/2024-Aug


Îå¡¢°æ±¾ÐÅÏ¢

°æ±¾

ÈÕÆÚ

±¸×¢

V1.0

2024-08-16

Ê×´ÎÐû²¼

V1.1

2024-08-28

¸üÐÂPoC״̬£¬£¬£¬ÐÂÔöÎó²î¸´ÏÖ


Áù¡¢¸½Â¼

6.1 c7c7ÓéÀÖƽ̨¼ò½é

c7c7ÓéÀÖƽ̨½¨ÉèÓÚ1996Ä꣬£¬£¬ÊÇÓÉÁôÃÀ²©Ê¿ÑÏÍû¼ÑŮʿ½¨ÉèµÄ¡¢ÓµÓÐÍêÈ«×ÔÖ÷֪ʶ²úȨµÄÐÅÏ¢Çå¾²¸ß¿Æ¼¼ÆóÒµ¡£¡£¡£ÊǺ£ÄÚ×î¾ßʵÁ¦µÄÐÅÏ¢Çå¾²²úÆ·¡¢Ç徲ЧÀͽâ¾ö¼Æ»®µÄÁ캽ÆóÒµÖ®Ò»¡£¡£¡£

¹«Ë¾×ܲ¿Î»ÓÚ±±¾©ÊÐÖйشåÈí¼þÔ°c7c7ÓéÀÖƽ̨´óÏ㬣¬£¬¹«Ë¾Ô±¹¤6000ÓàÈË£¬£¬£¬Ñз¢ÍŶÓ1200ÓàÈË, ÊÖÒÕЧÀÍÍŶÓ1300ÓàÈË¡£¡£¡£ÔÚÌìϸ÷Ê¡¡¢ÊС¢×ÔÖÎÇøÉèÁ¢·ÖÖ§»ú¹¹ÁùÊ®¶à¸ö£¬£¬£¬ÓµÓÐÁýÕÖÌìϵÄÏúÊÛϵͳ¡¢ÇþµÀϵͳºÍÊÖÒÕÖ§³Öϵͳ¡£¡£¡£¹«Ë¾ÓÚ2010Äê6ÔÂ23ÈÕÔÚÉîÛÚÖÐС°å¹ÒÅÆÉÏÊС£¡£¡££¨¹ÉƱ´úÂ룺002439£©

¶àÄêÀ´£¬£¬£¬c7c7ÓéÀÖƽ̨ÖÂÁ¦ÓÚÌṩ¾ßÓйú¼Ê¾ºÕùÁ¦µÄ×ÔÖ÷Á¢ÒìµÄÇå¾²²úÆ·ºÍ×î¼Ñʵ¼ùЧÀÍ£¬£¬£¬×ÊÖú¿Í»§ÖÜÈ«ÌáÉýÆäIT»ù´¡ÉèÊ©µÄÇå¾²ÐÔºÍÉú²úЧÄÜ£¬£¬£¬Îª´òÔìºÍÌáÉý¹ú¼Ê»¯µÄÃñ×åÐÅÏ¢Çå¾²¹¤ÒµÁì¾üÆ·Åƶø²»Ð¸Æ𾢡£¡£¡£

6.2 ¹ØÓÚc7c7ÓéÀÖƽ̨

c7c7ÓéÀÖƽ̨Çå¾²Ó¦¼±ÏìÓ¦ÖÐÐÄÒÑÐû²¼1000¶à¸öÎó²îͨ¸æºÍΣº¦Ô¤¾¯£¬£¬£¬ÎÒÃǽ«Ò»Á¬¸ú×ÙÈ«Çò×îеÄÍøÂçÇå¾²ÊÂÎñºÍÎó²î£¬£¬£¬ÎªÆóÒµµÄÐÅÏ¢Çå¾²±£¼Ý»¤º½¡£¡£¡£

¹Ø×¢ÎÒÃÇ£º

image.png