一、漏洞分析
1.1
组件介绍
Windows WiFi
驱动是
Windows
操作系统中使操作系统能够与
WiFi
相关硬件(例如网卡)进行交互,从而连接无线网络的软件。
1
、前置条件:默认配置
2
、触发方式:远程
综合评价<综合评定利用难度>:困难,目前暂无公开且实际可用信息,且暂无在野利用。<综合评定威胁等级>:高危,能造成远程代码执行。
1.2 漏洞描述
2024
年
6
月
19
日,深瞳漏洞实验室监测到一则
Windows WiFi
驱动组件存在远程代码执行漏洞的信息,漏洞编号:
CVE-2024-30078
,漏洞威胁等级:高危。
攻击者可利用该漏洞在未授权的情况下,构造恶意数据进行远程
代码执行攻击,最终获取系统最高权限。漏洞利用存在前提条件,攻
击者需要处于目标系统的临近网络,可以发送和接收
WiFi
无线电传
输。
二、影响范围
目前受影响的
Windows
版本:
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack
(Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack
(Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack
Windows Server 2008 R2 for x64-based Systems Service Pack
Windows Server 2008 for x64-based Systems Service Pack
(Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack
(Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack
Windows Server 2008 for x64-based Systems Service Pack
Windows Server 2008 for 32-bit Systems Service Pack
(Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack
(Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack
Windows Server 2008 for 32-bit Systems Service Pack
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server 2022, 23H2 Edition (Server Core
installation)
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
三、解决方案
3.1
修复建议
1.
如何检测组件系统版本
使用快捷键“
Win+R
”,输入“
winver
”可以看到当前系统版本。
在“设置”
-
“
Windows
更新”
-
“更新历史记录”中查看是否存
在下列网站中系统对应的更新。
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30078
2.
官方修复建议
当前官方已发布受影响版本的对应补丁(当前官方已发布最新版
本),建议受影响的用户及时更新官方的安全补丁(及时更新升级到
最新版本)。
链接如下:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-3007
8
打补丁
/
升级方法
:
在“设置”-“Windows 更新”中选择“检查更新”。
四、时间轴
2024/6/12
深瞳漏洞实验室监测到微软官方发布安全补丁。
2024/6/19
深瞳漏洞实验室发布漏洞通告。
五、参考链接
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30078
