關於Windows Print Spooler遠程代碼執行漏洞風險提示

一、背景介紹

根據中央網信辦通報，微軟在2021年6月的安全更新中修復了其Windows操作系統後臺打印服務Windows Print Spooler的遠程代碼執行漏洞（CVE-2021-1675）。

1.1漏洞描述

Windows Print Spooler管理所有本地和網絡打印隊列💩🤷‍♀️，控製所有打印工作⛄️。攻擊者利用該漏洞可繞過安全檢查在目標設備上安裝惡意驅動程序。

1.2漏洞編號

CVE-2021-1675

1.3漏洞等級

高危

二、修復建議

2.1 受影響版本

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server, version 2004 (Server Core installation)

Windows RT 8.1

Windows 8.1 for x64-based systems

Windows 8.1 for 32-bit systems

Windows 7 for x64-based Systems Service Pack 1

Windows 7 for 32-bit Systems Service Pack 1

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows 10 Version 2004 for x64-based Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for 32-bit Systems

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

2.2 修復建議

微軟已發布更新補丁🧣，建議從微軟官方下載對應的補丁程序進行漏洞修復。

微軟官方補丁下載地址：https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1675

鑒於漏洞危害較大且相關漏洞利用代碼已公開👨🏿，請各單位排查是否部署了受影響的微軟產品↗️，及時安裝官方補丁程序🏄🏿‍♂️，做好風險防範👨🏿‍✈️，以免發生安全事件◻️。

請各單位高度關註❎📑，不用回復🤕，謝謝！