一、漏洞公告

2021年11月9日，微软官方发布了11月安全更新公告，包含了微软家族多个软件的安全更新补丁，包括：Microsoft Windows、Azure、Exchange Server、Microsoft Office 、Microsoft Dynamics、Microsoft Edge（基于 Chromium）、Hyper-V等55个安全漏洞。其中包含6个严重和多个高危漏洞。请相关用户及时更新对应补丁修复漏洞。相关链接参考：

https://msrc.microsoft.com/update-guide/releaseNote/2021-Nov

根据公告，此次更新中修复的Microsoft 虚拟机总线 (VMBus) 远程代码执行漏洞（CVE-2021-26443）、OpenSSL SM2解密缓冲区溢出漏洞（CVE-2021-3711）、远程桌面客户端远程代码执行漏洞（CVE-2021-38666）、Microsoft Excel安全功能绕过漏洞（CVE-2021-42292）、Microsoft Exchange Server远程代码执行漏洞（CVE-2021-42321）、Microsoft Defender 远程代码执行漏洞（CVE-2021-42298）、Chakra 脚本引擎内存损坏漏洞（CVE-2021-42279）、Microsoft Dynamics 365（本地）远程代码执行漏洞（CVE-2021-42316）等风险较大，建议尽快安装安全更新补丁或采取临时缓解措施加固系统。相关链接参考：

https://msrc.microsoft.com/update-guide/vulnerability/

二、影响范围

CVE-2021-26443 Microsoft 虚拟机总线 (VMBus) 远程代码执行漏洞：

Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for x64-based Systems

CVE-2021-3711 OpenSSL SM2 解密缓冲区溢出漏洞：

Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8) Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6) Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)

CVE-2021-38666远程桌面客户端远程代码执行漏洞:

Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Remote Desktop client for Windows Desktop Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems

CVE-2021-42292 Microsoft Excel安全功能绕过漏洞:

Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 (32-bit edition) Microsoft Excel 2016 (64-bit edition) Microsoft Excel 2016 (32-bit edition) Microsoft Office LTSC 2021 for 32-bit editions Microsoft Office LTSC 2021 for 64-bit editions Microsoft Office LTSC for Mac 2021 Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft Office 2019 for Mac Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for 32-bit editions

CVE-2021-42321 Microsoft Exchange Server远程代码执行漏洞:

Microsoft Exchange Server 2019 Cumulative Update 11 Microsoft Exchange Server 2016 Cumulative Update 22 Microsoft Exchange Server 2019 Cumulative Update 10 Microsoft Exchange Server 2016 Cumulative Update 21

CVE-2021-42279 Chakra 脚本引擎内存损坏漏洞:

Windows Server 2016

Windows 10 for x64-based Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows Server 2019

Windows 10 Version 2004 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows Server, version 2004 (Server Core installation)

Windows 10 Version 2004 for 32-bit Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for 32-bit Systems

Windows Server 2022

Windows 11 for x64-based Systems

Windows 11 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

CVE-2021-42316 Microsoft Dynamics 365（本地）远程代码执行漏洞:

Microsoft Dynamics 365 (on-premises) version 9.0

Microsoft Dynamics 365（本地）版本 9.1

CVE-2021-42298 Microsoft Defender 远程代码执行漏洞:

Microsoft Malware Protection Engine

11月安全公告列表，包含的其他漏洞快速阅读指引

https://msrc.microsoft.com/update-guide/releaseNote/2021-Nov

三、漏洞描述

CVE-2021-26443 Microsoft 虚拟机总线 (VMBus)存在远程代码执行漏洞，因VM来宾无法正确处理VMBus信道上的通信，经过身份验证的攻击者可以在VMBus信道上从来宾VM向主机发送特制的消息，成功利用该漏洞的攻击者可以在主机操作系统上执行任意代码。

CVE-2021-3711漏洞存在于 Microsoft Visual Studio 使用的 OpenSSL 软件中，恶意攻击者如果能够向应用程序提供用于解密的SM2内容，将导致攻击者选择的数据溢出缓冲区最多 62 个字节，改变缓冲区后的其它数据内容，这将改变应用程序的行为或导致应用程序崩溃。

CVE-2021-38666远程桌面客户端存在远程代码执行漏洞，当受害者使用易受攻击的远程桌面客户端连接到攻击服务器时，控制远程桌面服务器的攻击者可以在 RDP 客户端计算机上触发远程代码执行。

CVE-2021-42292使用受影响的Excel版本打开特制文件时可能允许代码执行的，Excel加载了应该在安全提示之后的运行的代码从而绕过了该安全功能，目前尚不清楚它是恶意宏还是电子表格中加载的某种其他形式的代码。

CVE-2021-42321 Microsoft Exchange Server存在远程代码执行漏洞，经过身份认证的用户可利用该漏洞在目标Exchange Server服务器上执行任意代码。

CVE-2021-42298 该漏洞是由于Microsoft Defender中的输入验证不正确从而导致远程攻击者可以在目标系统上执行任意代码。

CVE-2021-42279  该漏洞是由于Chakra脚本引擎产生的边界错误从而导致攻击者可以远程触发内存错误在目标系统上执行任意代码。

CVE-2021-42316 该漏洞是由于输入验证不正确，通过身份验证的攻击者可以通过发送特定的请求从而在目标系统上执行任意代码。

四、缓解措施

高危：目前漏洞细节虽未公开，但是恶意攻击者可以通过补丁对比方式分析出漏洞触发点，并进一步开发漏洞利用代码，Microsoft已发布相关安全更新，鉴于漏洞的严重性，建议受影响的用户尽快修复。

（一）Windows 自动更新：

Microsoft Update默认启用，当系统检测到可用更新时，将会自动下载更新并在下一次启动时安装。

手动更新：

1、点击“开始菜单”或按Windows快捷键，点击进入“设置”

2、选择“更新和安全”，进入“Windows更新”（Windows 8、Windows 8.1、Windows Server 2012以及Windows Server 2012 R2可通过控制面板进入“Windows更新”，具体步骤为“控制面板”->“系统和安全”->“Windows更新”）

3、选择“检查更新”，等待系统将自动检查并下载可用更新。

4、重启计算机，安装更新系统重新启动后，可通过进入“Windows更新”->“查看更新历史记录”查看是否成功安装了更新。

（二）目前微软针对支持的产品已发布升级补丁修复了上述漏洞，请用户参考官方通告及时下载更新补丁。

补丁获取：https://msrc.microsoft.com/update-guide/vulnerability

来源：微软官网