Microsoft | Windows Codecs & Visual Studio JSONÔ¶³Ì´úÂëÖ´ÐÐÎó²îͨ¸æ

Ðû²¼Ê±¼ä 2020-10-19

0x00 Îó²î¸ÅÊö

²úÆ·Ãû³Æ

CVE   ID

Àà ÐÍ

Îó²îÆ·¼¶

Ô¶³ÌʹÓÃ

Ó°Ïì¹æÄ£

Windows Codecs

CVE-2020-17022

RCE

¸ßΣ

ÊÇ


Visual Studio  Code

CVE-2020-17023

RCE

¸ßΣ

ÊÇ


 

΢ÈíÓÚ2020Äê10ÔÂ15ÈÕÐû²¼ÁËÁ½¸ö´øÍâÇå¾²¸üУ¬£¬£¬ £¬£¬ÒÔÐÞ¸´Microsoft Windows CodecsºÍVisual Studio CodeÖеÄÁ½¸öÔ¶³Ì´úÂëÖ´ÐУ¨RCE£©Îó²î¡£ ¡£¡£¡£¡£¡£Îó²î¸ú×ÙΪCVE-2020-17022ºÍCVE-2020-17023£¬£¬£¬ £¬£¬ÆäCVSSÆÀ·Ö¾ùΪ7.8¡£ ¡£¡£¡£¡£¡£

 

0x01 Îó²îÏêÇé

image.png

 

Microsoft Windows CodecsÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2020-17022£©

Microsoft Windows CodecsÊÇMicrosoftµÄ±à½âÂëÆ÷¿â£¬£¬£¬ £¬£¬ÆäÖеıà½âÂëÆ÷Ä£¿£¿ £¿£¿£¿éÌṩÁËÓÃÓÚ¶ÔWindows³ÌÐòÖеÄÊý¾Ý¾ÙÐдúÂëת»»µÄÁ÷ºÍÎļþ½Ó¿Ú¡£ ¡£¡£¡£¡£¡£¸ÃÎó²îÊÇÓÉÓÚMicrosoft Windows Codecs¿âÔÚ´¦Öóͷ£Äڴ湤¾ßµÄ·½·¨Öб£´æÒ»¸öÔ¶³Ì´úÂëÖ´ÐÐÎó²î¡£ ¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉÒÔʹÓöñÒâ½á¹¹µÄµÄͼÏñÎļþÀ´Ê¹ÓôËÎó²î¡£ ¡£¡£¡£¡£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔÔÚÄ¿µÄϵͳÉÏÖ´ÐÐí§Òâ´úÂë¡£ ¡£¡£¡£¡£¡£

Ó°Ïì¹æÄ££º

Windows 10 Version 1709 for 32-bit Systems

Windows 10 Version 1709 for ARM64-based Systems

Windows 10 Version 1709 for x64-based Systems 

Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for ARM64-based Systems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems 

Windows 10 Version 1903 for 32-bit Systems

Windows 10 Version 1903 for ARM64-based Systems

Windows 10 Version 1903 for x64-based Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems 

Windows 10 Version 2004 for 32-bit Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for x64-based Systems

 

Visual Studio JSONÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2020-17023£©

MicrosoftµÄVisual Studio CodeÊÇMicrosoftÕë¶ÔWindows¡¢LinuxºÍmacOS¿ª·¢µÄÒ»ÖÖÃâ·ÑµÄÔ´´úÂë±à¼­Æ÷¡£ ¡£¡£¡£¡£¡£

¹¥»÷Õß¿ÉÒÔͨ¹ýÓÕʹÓû§·­¿ª¶ñÒâµÄ¡° package.json¡±ÎļþÀ´Ê¹ÓôËÎó²î¡£ ¡£¡£¡£¡£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔÔÚÄ¿½ñÓû§µÄÉÏÏÂÎÄÖÐÔËÐÐí§Òâ´úÂë¡£ ¡£¡£¡£¡£¡£

ÈôÊÇÄ¿½ñÓû§Ê¹ÓÃÖÎÀíÓû§È¨Ï޵Ǽ£¬£¬£¬ £¬£¬Ôò¹¥»÷Õß¿ÉÒÔ¿ØÖÆÕû¸öϵͳ£¬£¬£¬ £¬£¬ÀýÈç×°ÖóÌÐò¡¢Éó²é¡¢¸ü¸Ä»òɾ³ýÊý¾Ý¡¢½¨Éè¾ßÓÐÍêÈ«Óû§È¨ÏÞµÄÐÂÕÊ»§µÈ¡£ ¡£¡£¡£¡£¡£

ÏÖÔÚ£¬£¬£¬ £¬£¬MicrosoftµÄ¸üÐÂÊÇͨ¹ýÐÞ¸ÄVisual Studio Code´¦Öóͷ£JSONÎļþµÄ·½·¨À´½â¾öÁË´ËÎó²î¡£ ¡£¡£¡£¡£¡£

Ó°Ïì¹æÄ££º

Visual Studio Code 1.50.1֮ǰµÄ°æ±¾¡£ ¡£¡£¡£¡£¡£

 

0x02 ´¦Öóͷ£½¨Òé

ÏÖÔÚMicrosoftÒÑÐû²¼Çå¾²¸üУ¬£¬£¬ £¬£¬½¨ÒéʵʱװÖÃÏà¹Ø²¹¶¡¡£ ¡£¡£¡£¡£¡£

£¨Ò»£© Windows update¸üÐÂ

×Ô¶¯¸üУº

Microsoft UpdateĬÈÏÆôÓ㬣¬£¬ £¬£¬µ±ÏµÍ³¼ì²âµ½¿ÉÓøüÐÂʱ£¬£¬£¬ £¬£¬½«»á×Ô¶¯ÏÂÔظüв¢ÔÚÏÂÒ»´ÎÆô¶¯Ê±×°Öᣠ¡£¡£¡£¡£¡£

ÊÖ¶¯¸üУº

1¡¢µã»÷¡°×îÏȲ˵¥¡±»ò°´Windows¿ì½Ý¼ü£¬£¬£¬ £¬£¬µã»÷½øÈë¡°ÉèÖá±

2¡¢Ñ¡Ôñ¡°¸üкÍÇå¾²¡±£¬£¬£¬ £¬£¬½øÈë¡°Windows¸üС±£¨Windows 8¡¢Windows 8.1¡¢Windows Server 2012ÒÔ¼°Windows Server 2012 R2¿Éͨ¹ý¿ØÖÆÃæ°å½øÈë¡°Windows¸üС±£¬£¬£¬ £¬£¬Ïêϸ°ì·¨Îª¡°¿ØÖÆÃæ°å¡±->¡°ÏµÍ³ºÍÇå¾²¡±->¡°Windows¸üС±£©

3¡¢Ñ¡Ôñ¡°¼ì²é¸üС±£¬£¬£¬ £¬£¬ÆÚ´ýϵͳ½«×Ô¶¯¼ì²é²¢ÏÂÔØ¿ÉÓøüС£ ¡£¡£¡£¡£¡£

4¡¢ÖØÆôÅÌËã»ú£¬£¬£¬ £¬£¬×°ÖøüÐÂϵͳÖØÐÂÆô¶¯ºó£¬£¬£¬ £¬£¬¿Éͨ¹ý½øÈë¡°Windows¸üС±->¡°Éó²é¸üÐÂÀúÊ·¼Í¼¡±Éó²éÊÇ·ñÀÖ³É×°ÖÃÁ˸üС£ ¡£¡£¡£¡£¡£¹ØÓÚûÓÐÀÖ³É×°ÖõĸüУ¬£¬£¬ £¬£¬¿ÉÒÔµã»÷¸Ã¸üÐÂÃû³Æ½øÈë΢Èí¹Ù·½¸üÐÂÐÎòÁ´½Ó£¬£¬£¬ £¬£¬µã»÷×îеÄSSUÃû³Æ²¢ÔÚÐÂÁ´½ÓÖеã»÷¡°Microsoft ¸üÐÂĿ¼¡±£¬£¬£¬ £¬£¬È»ºóÔÚÐÂÁ´½ÓÖÐÑ¡ÔñÊÊÓÃÓÚÄ¿µÄϵͳµÄ²¹¶¡¾ÙÐÐÏÂÔز¢×°Öᣠ¡£¡£¡£¡£¡£

£¨¶þ£© ÊÖ¶¯×°ÖøüÐÂ

΢Èí¹Ù·½ÏÂÔØÏìÓ¦²¹¶¡¾ÙÐиüС£ ¡£¡£¡£¡£¡£

CVE-2020-17022Á´½ÓµØµã£º

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-17022

CVE-2020-17023Á´½ÓµØµã£º

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-17023

 

0x03 ²Î¿¼Á´½Ó

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-17022

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-17023

https://securityaffairs.co/wordpress/109665/security/microsoft-windows-rce.html?

https://threatpost.com/microsoft-rce-flaws-windows-update/160244/

0x04 ʱ¼äÏß

2020-10-15  MicrosoftÐû²¼Çå¾²¸üÐÂ

2020-10-19  VSRCÐû²¼Ç徲ͨ¸æ

 

0x05 ¸½Â¼

CVSSÆÀ·Ö±ê×¼¹ÙÍø£ºhttp://www.first.org/cvss/

 

image.png