各单位、各部门:
近日,微软在2021年6月的安全更新中修复了Windows操作系统后台打印服务 Windows Printer Spooler的远程代码执行漏洞(CVE-2021-1675), Windows Printer Spooler管理所有本地和网络打印队列,控制所有打印工作。若未进行漏洞修复,攻击者可利用该漏洞绕过安全检查在目标设备上安装恶意驱动程序。
一、漏洞影响范围:
1. Windows Server 2019 (Server Core installation)
2. Windows Server 2019
3. Windows Server 2016 (Server Core installation)
4. Windows Server 2016
5. Windows Server 2012 R2 (Server Core installation)
6. Windows Server 2012 R2
7. Windows Server 2012 (Server Core installation)
8. Windows Server 2012
9. Windows Server 2008 R2 for x64-based Systems Service Pack I (Server Core installation)
10. Windows Server 2008 R2 for x64-based Systems Service Pack 1
11. Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
12. Windows Server 2008 for x64-based Systems Service Pack 2
13. Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
14. Windows Server 2008 for 32-bit Systems Service Pack 2
15. Windows Server, version 2004 (Server Core installation)
16. Windows RT 8.1
17. Windows 8.1 for x64-based Systems
18. Windows 8.1 for 32-bit Systems
19. Windows 7 for x64-based Systems Service Pack
20. Windows 7 for 32-bit Systems Service Pack 1
21. Windows 10 Version 1607 for x64-based Systems
22. Windows 10 Version 1607 for 32-bit Systems
23. Windows 10 for x64-based Systems
24. Windows 10 for 32-bit Systems
25. Windows Server, version 20H2 (Server Core Installation)
26. Windows 10 Version 20H2 for ARM64-based Systems
27. Windows 10 Version 20H2 for 32-bit Systems
28. Windows 10 Version 20H2 for x64-based Systems
29. Windows 10 Version 2004 for x64-based Systems
30. Windows 10 Version 2004 for ARM64-based Systems
31. Windows 10 Version 2004 for 32-bit Systems
32. Windows 10 Version 21H1 for 32-bit Systems
33. Windows 10 Version 21H1 for ARM64-based Systems
34. Windows 10 Version 21H1 for x64-based Systems
35. Windows 10 Version 1909 for ARM64-hased Systems
36. Windows 10 Version 1909 for x64-based Systems
37. Windows 10 Version 1909 for 32-bit Systems
38. Windows 10 Version 1809 for ARM64-based Systems
39. Windows 10 Version 1809 for x64-based Systems
40. Windows 10 Version 1809 for 32-bit Systems
二、补丁下载地址:
https://msrc.microsoft.com/update-guide/zh-cn/vulnerability/CVE-2021-1675
鉴于漏洞危害较大且相关漏洞利用代码已公开,请各单位、各部门高度重视,及时安装官方补丁程序,做好风险防范,以免发生安全事件,如遇到系统遭攻击情况及时处置并报网信办。
网络安全和信息化办公室
2021年7月9日