学校主页| 搜索
学校主页

通知公告

通知公告

当前位置: 首页 > 通知公告 > 正文

关于防范Windows TCP/IP 存在远程代码执行漏洞(CVE-2024-38063)的风险提示

来源: 发布时间:2024-08-19 点击:

各单位、校园网用户:

近日,微软公司发布了关于Windows操作系统中TCP/IP协议存在的Windows TCP/IP远程代码执行漏洞(CVE-2024-38063)的公告。该远程代码执行漏洞存在于Windows系统中的TCP/IP堆栈处理IPv6流量时,利用特定的IPv6数据包即可触发,且涉及TCP/IP这一支撑互联网通信的核心协议套件,成功利用此漏洞可导致远程代码执行,无需以用户身份进行身份验证即可远程进行文件查看、系统设置等操作可能导致广泛的系统破坏。

该漏洞受影响范围如下:

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows 11 Version 24H2 for x64-based Systems

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows Server 2022

Windows Server 2022 (Server Core installation)

Windows Server 2022, 23H2 Edition (Server Core installation)

请各单位、校园网用户在确保安全的前提下,尽快更新相关操作系统,避免引发漏洞相关的网络安全事件。微软已发布安全更新以修复此漏洞,您可以通过常规更新程序获取这些更新。

参考链接:https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063

附件:Windows系统更新补丁方法

信息化处     

2024年8月19日

地址:哈尔滨市南岗区南通大街145号逸夫馆

邮编:150001

电话:0451-82568888

邮箱:nic@hrbeu.edu.cn

  • 信息化处微信公众号

©2023哈尔滨工程大学信息化处