打开微信扫一扫
Windows Wi-Fi 驱动程序远程代码执行漏洞
202 4 年 6 月 21 日,安全运营中心监测到 Windows Wi-Fi 驱动程序远程代码执行漏洞, 漏洞 编号 : CVE-2024-30078 , 漏洞威胁等级:高危。
2. 漏洞详情
Windows Wi-Fi 驱动程序中存在输入验证不当漏洞,未经身份验证的攻击者可以向使用 Wi-Fi 网络适配器的相邻系统 / 设备发送恶意网络数据包,导致在无需用户交互的情况下实现远程代码执行。利用该漏洞需要靠近目标系统来发送和接收无线电传输。
3. 影响版本
受影响系统及版本 |
平台 |
受影响的微软驱动程序版本 |
Windows 10 Version 1809 |
32-bit Systemsx64-based SystemsARM64-based Systems |
10.0.0 - 10.0.17763.5936 之前 |
Windows Server 2019 |
x64-based Systems |
10.0.0 - 10.0.17763.5936 之前 |
Windows Server 2019 (Server Core installation) |
x64-based Systems |
10.0.0 - 10.0.17763.5936 之前 |
Windows Server 2022 |
x64-based Systems |
10.0.0 -10.0.20348.2527 之前 10.0.0 - 10.0.20348.2522 之前 |
Windows 11 version 21H2 |
x64-based SystemsARM64-based Systems |
10.0.0 - 10.0.22000.3019 之前 |
Windows 10 Version 21H2 |
32-bit SystemsARM64-based Systems(x64-based Systems) |
10.0.0 - 10.0.19043.4529 之前 |
Windows 11 version 22H2 |
ARM64-based Systemsx64-based Systems |
10.0.0 - 10.0.22621.3737 之前 |
Windows 10 Version 22H2 |
x64-based SystemsARM64-based Systems32-bit Systems |
10.0.0 - 10.0.19043.4529 之前 |
Windows 11 version 22H3 |
ARM64-based Systems |
10.0.0 - 10.0.22631.3737 之前 |
Windows 11 Version 23H2 |
x64-based Systems |
10.0.0 - 10.0.22631.3737 之前 |
Windows Server 2022 、 23H2 Edition (Server Core installation) |
x64-based Systems |
10.0.0 - 10.0.25398.950 之前 |
Windows 10 Version 1507 |
32-bit Systemsx64-based Systems |
10.0.0 - 10.0.10240.20680 之前 |
Windows 10 Version 1607 |
32-bit Systemsx64-based Systems |
10.0.0 - 10.0.14393.7070 之前 |
Windows Server 2016 |
x64-based Systems |
10.0.0 - 10.0.14393.7070 之前 |
Windows Server 2016 (Server Core installation) |
x64-based Systems |
10.0.0 -10.0.14393.7070 之前 |
Windows Server 2008 Service Pack 2 |
32-bit Systems |
6.0.0 - 6.0.6003.22720 之前 |
Windows Server 2008 Service Pack 2 (Server Core installation) |
32-bit Systemsx64-based Systems |
6.0.0 - 6.0.6003.22720 之前 |
Windows Server 2008 Service Pack 2 |
x64-based Systems |
6.0.0 - 6.0.6003.22720 之前 |
Windows Server 2008 R2 Service Pack 1 |
x64-based Systems |
6.1.0 - 6.1.7601.27170 之前 |
Windows Server 2008 R2 Service Pack 1 (Server Core installation) |
x64-based Systems |
6.0.0 - 6.1.7601.27170 之前 |
Windows Server 2012 |
x64-based Systems |
6.2.0 - 6.2.9200.24919 之前 |
Windows Server 2012 (Server Core installation) |
x64-based Systems |
6.2.0 - 6.2.9200.24919 之前 |
Windows Server 2012 R2 |
x64-based Systems |
6.3.0 - 6.3.9600.22023 之前 |
Windows Server 2012 R2 (Server Core installation) |
x64-based Systems |
6.3.0 - 6.3.9600.22023 之前 |
4. 处置建议
微软已在 6 月补丁日中发布了该漏洞的安全更新,建议受影响用户及时安装补丁修复该漏洞。
(一) Windows Update 自动更新
Microsoft Update 默认启用,当系统检测到可用更新时,将会自动下载更新并在下一次启动时安装。也可选择通过以下步骤手动进行更新:
点击“开始菜单”或按 Windows 快捷键,点击进入“设置”
选择“更新和安全”,进入“ Windows 更新”( Windows 8 、 Windows 8.1 、 Windows Server 2012 以及 Windows Server 2012 R2 可通过控制面板进入“ Windows 更新”,具体步骤为“控制面板” ->“ 系统和安全” ->“Windows 更新”)
选择“检查更新”,等待系统自动检查并下载可用更新。
更新完成后重启计算机,可通过进入“ Windows 更新” ->“ 查看更新历史记录”查看是否成功安装了更新。对于没有成功安装的更新,可以点击该更新名称进入微软官方更新描述链接,点击最新的 SSU 名称并在新链接中点击“ Microsoft 更新目录”,然后在新链接中选择适用于目标系统的补丁进行下载并安装。
(二) 手动安装更新
Microsoft 官方下载相应补丁进行更新。
下载链接:
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-30078