Menu
导航栏目
CN/EN
安全预警,防患未然
首页 > 烽火狼烟

Windows Print Spooler代码执行漏洞(CVE-2021-34527)风险提示


漏洞概述


2021年7月2日,WebRAY烽火台实验室监测到漏洞编号为:CVE-2021-34527的Windows Print Spooler代码执行漏洞,攻击者可以通过该漏洞绕过PfcAddPrinterDriver的安全验证,在DC中安装恶意的驱动程序,完整的控制整个域环境。由于该漏洞易于利用且漏洞危害较大,WebRAY烽火台实验室建议相关用户及时更新补丁。


Windows Print Spooler是Windows的打印机后台处理程序,广泛的应用于内网计算机环境中。


WebRAY 烽火台实验室也将持续关注该漏洞进展,第一时间为您更新该漏洞信息。


影响范围


漏洞编号影响范围
CVE-2021-34527

· Windows Server 2019(Server Core installation)

· Windows Server 2019

· Windows Server 2016(Server Core installation)

· Windows Server 2016

· Windows Server 2012R2 (Server Core installation)

· Windows Server 2012R2

· Windows Server 2012(Server Core installation)

· Windows Server 2012

· Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

· Windows Server 2008 R2 for x64-based Systems Service Pack 1

· Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

· Windows Server 2008 for x64-based Systems Service Pack 2

· Windows Server 2008 for 32-bit Systems Service Pack 2(Server Core installation)

· Windows Server 2008 for 32-bit Systems Service Pack 2

· Windows Server, version 2004 (Server Core installation)

· Windows RT 8.1

· Windows 8.1 for x64-based systems

· Windows 8.1 for 32-bit systems

· Windows 7 for x64-based Systems Service Pack 1

· Windows 7 for 32-bit Systems Service Pack1

· Windows 10 Version 1607 for x64-based Systems

· Windows 10 Version 1607 for 32-bit Systems

· Windows 10 for x64-based Systems

· Windows 10 for 32-bit Systems

· Windows Server, version 20H2 (Server Core Installation)

· Windows 10 Version 20H2 for ARM64-based Systems

· Windows 10 Version 20H2 for 32-bit Systems

· Windows 10 Version 20H2 for x64-based Systems

· Windows 10 Version 2004 for x64-based Systems

· Windows 10 Version 2004 for ARM64-based Systems

· Windows 10 Version 2004 for 32-bit Systems

· Windows 10 Version 21H1 for 32-bit Systems

· Windows 10 Version 21H1 for ARM64-based Systems

· Windows 10 Version 21H1 for x64-based Systems

· Windows 10 Version 1909 for ARM64-based Systems

· Windows 10 Version 1909 for x64-based Systems

· Windows 10 Version 1909 for 32-bit Systems

· Windows 10 Version 1809 for ARM64-based Systems

· Windows 10 Version 1809 for x64-based Systems

· Windows 10 Version 1809 for 32-bit Systems


漏洞等级


WebRAY烽火台实验室风险评级:高危


修复建议


1、暂时关闭域中的 Print Spooler服务;

2、参考微软官方通告安装补丁:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1675


关于您的项目需求

关于您的项目需求

  • 获取短信验证码
点击“提交”,表明我理解并同意