零日漏洞PrintNightmare曝光：可在Windows後台執行遠程代碼

中國安全公司深信服（Sangfor）近日發現了名為 PrintNightmare 的零日漏洞，允許黑客在補丁完善的 Windows Print Spooler 設備上獲得完整的遠程代碼執行能力，該公司還發布了概念證明代碼。

在 6 月補丁星期二活動日中，微軟發布的安全累積更新中修復了一個類似的 Print Spooler 漏洞。但是對於已經打過補丁的 Windows Server 2019 設備，PrintNightmare 漏洞依然有效，並允許攻擊者遠程執行代碼。

根據概念證明代碼顯示，黑客只需要一些（甚至是低權限）的網絡憑證就可以利用該漏洞進行遠程執行，而且這些憑證在暗網上只需要 3 美元就能買到。這意味着企業網絡又極易受到（尤其是勒索軟件）的攻擊，安全研究人員建議企業禁用其 Windows Print Spoolers。

影響版本

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server, version 2004 (Server Core installation)

Windows RT 8.1

Windows 8.1 for x64-based systems

Windows 8.1 for 32-bit systems

Windows 7 for x64-based Systems Service Pack 1

Windows 7 for 32-bit Systems Service Pack 1

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows 10 Version 2004 for x64-based Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for 32-bit Systems

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems