漏洞起因
设计错误
影响系统
Microsoft Windows XP Tablet PC Edition SP3
Microsoft Windows XP Tablet PC Edition SP2
Microsoft Windows XP Tablet PC Edition SP1
Microsoft Windows XP Tablet PC Edition
Microsoft Windows XP Professional x64 Edition SP3
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional SP3
Microsoft Windows XP Professional SP2
Microsoft Windows XP Professional SP1
Microsoft Windows XP Professional
Microsoft Windows XP Media Center Edition SP3
Microsoft Windows XP Media Center Edition SP2
Microsoft Windows XP Media Center Edition SP1
Microsoft Windows XP Media Center Edition
Microsoft Windows XP Home SP3
Microsoft Windows XP Home SP2
Microsoft Windows XP Home SP1
Microsoft Windows XP Home
Microsoft Windows XP 64-bit Edition SP1
Microsoft Windows XP 64-bit Edition
Microsoft Windows Vista x64 Edition SP2
Microsoft Windows Vista x64 Edition SP1
Microsoft Windows Vista x64 Edition 0
Microsoft Windows Vista Ultimate 64-bit edition SP2
Microsoft Windows Vista Ultimate 64-bit edition SP1
Microsoft Windows Vista Ultimate 64-bit edition 0
Microsoft Windows Vista Home Premium 64-bit edition SP2
Microsoft Windows Vista Home Premium 64-bit edition SP1
Microsoft Windows Vista Home Premium 64-bit edition 0
Microsoft Windows Vista Home Basic 64-bit edition SP2
Microsoft Windows Vista Home Basic 64-bit edition SP1
Microsoft Windows Vista Enterprise 64-bit edition SP2
Microsoft Windows Vista Enterprise 64-bit edition SP1
Microsoft Windows Vista Enterprise 64-bit edition 0
Microsoft Windows Vista Business 64-bit edition SP2
Microsoft Windows Vista Business 64-bit edition SP1
Microsoft Windows Vista Business 64-bit edition 0
Microsoft Windows Vista Ultimate SP2
Microsoft Windows Vista Ultimate
Microsoft Windows Vista SP2
Microsoft Windows Vista SP1
Microsoft Windows Vista Home Premium SP2
Microsoft Windows Vista Home Premium SP1
Microsoft Windows Vista Home Premium
Microsoft Windows Vista Home Basic SP2
Microsoft Windows Vista Home Basic SP1
Microsoft Windows Vista Home Basic
Microsoft Windows Vista Enterprise SP2
Microsoft Windows Vista Enterprise SP1
Microsoft Windows Vista Enterprise
Microsoft Windows Vista Business SP2
Microsoft Windows Vista Business SP1
Microsoft Windows Vista Business
Microsoft Windows Vista 0
Microsoft Windows Server 2008 Standard Edition SP2
Microsoft Windows Server 2008 Standard Edition 0
Microsoft Windows Server 2008 R2 Datacenter 0
Microsoft Windows Server 2008 for x64-based Systems SP2
Microsoft Windows Server 2008 for x64-based Systems R2
Microsoft Windows Server 2008 for x64-based Systems 0
Microsoft Windows Server 2008 for Itanium-based Systems SP2
Microsoft Windows Server 2008 for Itanium-based Systems R2
Microsoft Windows Server 2008 for Itanium-based Systems 0
Microsoft Windows Server 2008 for 32-bit Systems SP2
Microsoft Windows Server 2008 for 32-bit Systems 0
Microsoft Windows Server 2008 Enterprise Edition SP2
Microsoft Windows Server 2008 Enterprise Edition 0
Microsoft Windows Server 2008 Datacenter Edition SP2
Microsoft Windows Server 2008 Datacenter Edition 0
Microsoft Windows Server 2003 x64 SP2
Microsoft Windows Server 2003 x64 SP1
Microsoft Windows Server 2003 Web Edition SP2
Microsoft Windows Server 2003 Web Edition SP1
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Standard x64 Edition
Microsoft Windows Server 2003 Standard Edition SP2
Microsoft Windows Server 2003 Standard Edition SP1
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Itanium SP2
Microsoft Windows Server 2003 Itanium SP1
Microsoft Windows Server 2003 Itanium 0
Microsoft Windows Server 2003 Enterprise x64 Edition SP2
Microsoft Windows Server 2003 Enterprise x64 Edition
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
Microsoft Windows Server 2003 Enterprise Edition SP1
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Datacenter x64 Edition SP2
Microsoft Windows Server 2003 Datacenter x64 Edition
Microsoft Windows Server 2003 Datacenter Edition Itanium SP1 Beta 1
Microsoft Windows Server 2003 Datacenter Edition Itanium SP1
Microsoft Windows Server 2003 Datacenter Edition Itanium 0
Microsoft Windows Server 2003 Datacenter Edition SP1
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows 7 for x64-based Systems 0
Microsoft Windows 7 for 32-bit Systems 0
3DM Software Disk Management Software SP2
3DM Software Disk Management Software SP1
不受影响系统
危害
本地攻击者可以利用漏洞使系统重启。
攻击所需条件
攻击者必须访问Microsoft Windows。
漏洞信息
Microsoft Windows是一款流行的操作系统。
Windows本地安全授权子系统服务(LSASS)在NTLM验证过程中不正确处理畸形报文,可导致拒绝服务攻击。
攻击者可以提交一个特殊构建的匿名NTLM验证请求,可使LSASS服务崩溃,之后会重新启动机器。
目前没有详细漏洞细节提供。
测试方法
厂商解决方案
用户可参考如下供应商提供的安全补丁:
Microsoft Windows XP Media Center Edition SP2
Microsoft Security Update for Windows XP (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=e997ea40-668e -40df-bd50-0ca53437b375
Microsoft Windows Server 2008 for 32-bit Systems SP2
Microsoft Security Update for Windows Server 2008 (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=f2f617c2-f149 -4e9b-bfdd-08ed0f3f99db
Microsoft Windows Server 2008 for x64-based Systems R2
Microsoft Security Update for Windows Server 2008 R2 x64 Edition (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=597ac3a7-e02d -49a5-9b8e-d097e867acea
Microsoft Windows Vista x64 Edition 0
Microsoft Security Update for Windows Vista for x64-based Systems (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=58c995ca-f308 -4e07-8e60-2e542384d95d
Microsoft Windows Server 2003 Datacenter x64 Edition SP2
Microsoft Security Update for Windows Server 2003 x64 Edition (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=8df7a2d9-2f97 -4f18-84e8-415a1632cf09
Microsoft Windows XP Tablet PC Edition SP2
Microsoft Security Update for Windows XP (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=e997ea40-668e -40df-bd50-0ca53437b375
Microsoft Windows XP Media Center Edition SP3
Microsoft Security Update for Windows XP (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=e997ea40-668e -40df-bd50-0ca53437b375
Microsoft Windows 7 for 32-bit Systems 0
Microsoft Security Update for Windows 7 (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=35b85783-90df -4f67-a3cb-02351432133e
Microsoft Windows Server 2003 Web Edition SP2
Microsoft Security Update for Windows Server 2003 (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=9dff4662-7771 -4bdc-87ec-7899d79b3a55
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Security Update for Windows XP x64 Edition (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=17008892-7950 -44c4-850d-002c8d73495f
Microsoft Windows Vista 0
Microsoft Security Update for Windows Vista (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=04ae306b-0d0d -4767-ab54-cc11aec477ed
Microsoft Windows Server 2003 x64 SP2
Microsoft Security Update for Windows Server 2003 x64 Edition (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=8df7a2d9-2f97 -4f18-84e8-415a1632cf09
Microsoft Windows Vista x64 Edition SP1
Microsoft Security Update for Windows Vista for x64-based Systems (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=58c995ca-f308 -4e07-8e60-2e542384d95d
Microsoft Windows XP Tablet PC Edition SP3
Microsoft Security Update for Windows XP (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=e997ea40-668e -40df-bd50-0ca53437b375
Microsoft Windows Vista SP1
Microsoft Security Update for Windows Vista (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=04ae306b-0d0d -4767-ab54-cc11aec477ed
Microsoft Windows Server 2008 for x64-based Systems 0
Microsoft Security Update for Windows Server 2008 x64 Edition (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=deb84cb8-2ba3 -47e3-9185-2bbc5b0a7e18
Microsoft Windows Server 2008 for Itanium-based Systems SP2
Microsoft Security Update for Windows Server 2008 for Itanium-based Systems (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=abc94857-37d8 -4bb8-ad9e-46e687fca40e
3DM Software Disk Management Software SP2
Microsoft Security Update for Windows Server 2003 (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=9dff4662-7771 -4bdc-87ec-7899d79b3a55
Microsoft Windows 7 for x64-based Systems 0
Microsoft Security Update for Windows 7 for x64-based Systems (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=97010f2c-6c10 -4fda-84fd-6c8749968db5
Microsoft Windows Server 2003 Standard Edition SP2
Microsoft Security Update for Windows Server 2003 (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=9dff4662-7771 -4bdc-87ec-7899d79b3a55
Microsoft Windows XP Home SP2
Microsoft Security Update for Windows XP (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=e997ea40-668e -40df-bd50-0ca53437b375
Microsoft Windows Server 2008 for x64-based Systems SP2
Microsoft Security Update for Windows Server 2008 x64 Edition (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=deb84cb8-2ba3 -47e3-9185-2bbc5b0a7e18
Microsoft Windows Server 2003 Itanium SP2
Microsoft Security Update for Windows Server 2003 for Itanium-based Systems (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=83c77015-7f96 -4c0d-bd56-60aef90ea2f8
Microsoft Windows Vista SP2
Microsoft Security Update for Windows Vista (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=04ae306b-0d0d -4767-ab54-cc11aec477ed
Microsoft Windows XP Home SP3
Microsoft Security Update for Windows XP (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=e997ea40-668e -40df-bd50-0ca53437b375
Microsoft Windows Server 2008 for Itanium-based Systems R2
Microsoft Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=4aac0e3e-9b49 -4a4a-ab17-707ff03b4d9b
Microsoft Windows Vista x64 Edition SP2
Microsoft Security Update for Windows Vista for x64-based Systems (KB975467)
http://www.microsoft.com/downloads/details.aspx?familyid=58c995ca-f308 -4e07-8e60-2e542384d95d
漏洞提供者
Microsoft
0 条评论。