酷应用

【漏洞通告】Windows 网络文件系统漏洞（CVE-2020-17051、CVE-2020-17056）

百家作者：绿盟科技 2020-11-11 20:00:24

漏洞概述

当地时间11月10日，微软最新的月度补丁更新中修复了两枚存在于Windows 网络文件系统（Network File System，NFS）中的漏洞，分别是 CVE-2020-17051和 CVE-2020-17056。

CVE-2020-17051 是存在于nfssvr.sys驱动中的远程代码执行漏洞，据称复现时可导致蓝屏死机（BSOD）[3]。

CVE-2020-17056是一个存在于nfssvr.sys驱动中的远程越界读取漏洞，可导致ASLR（地址空间布局随机化）被绕过。

当这两个漏洞被组合利用时，攻击者在Windows服务器上绕过漏洞缓解措施并实现远程利用的可能性将大大增加。官方已为受影响系统提供了补丁，建议用户尽快安装更新进行防护。

NFS是个分布式的客户机/服务器文件系统。通过Windows NFS,用户可以在运行 Windows 的计算机上，像访问本地文件一样访问其他非 Windows 操作系统（如 Linux 或 UNIX）上的文件。

参考链接：

[1]https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17051

[2]https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17056

[3]https://www.mcafee.com/blogs/other-blogs/mcafee-labs/cve-2020-17051-remote-kernel-heap-overflow-in-nfsv3-windows-server/

受影响产品版本

CVE-2020-17051

Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)