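Multiple high-severity vulnerabilities disclosed in Microsoft Exchange and the DHCP server component

Date: 2019-02-26 16:01:11 | Source: Information Security Services Department | Author: 梦之想科技

This month's Microsoft Patch Tuesday fixed a large number of vulnerabilities in products including Internet Explorer, Microsoft Edge, Microsoft Office and Microsoft Exchange Server. Among them, three high-severity elevation-of-privilege vulnerabilities in Exchange Server, Microsoft's messaging and collaboration system (CVE-2019-0686, CVE-2019-0724 and CVE-2018-8581), and one remote code execution vulnerability in the DHCP server component (CVE-2019-0626) have the widest impact and the most serious consequences, and deserve particular attention.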

Vulnerability description

  • CVE-2019-0686, CVE-2019-0724, CVE-2018-8581: Microsoft Exchange Server elevation-of-privilege vulnerabilities


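These are elevation-of-privilege vulnerabilities in Microsoft Exchange Server, and they require Exchange Web Services (EWS) and push notifications to be enabled. To exploit them, an attacker needs to carry out a man-in-the-middle attack and relay an authentication request to Microsoft Exchange Server in order to impersonate another Exchange user. Successful exploitation lets the attacker obtain the privileges of any user on the Exchange server and then carry out malicious activity such as stealing email. To address this, Microsoft changed the notification messages established between EWS clients and Exchange Server so that they are streamed using an anonymous authentication mechanism.

Of these, CVE-2018-8581 received no patch in the November 2018 security updates; the only advice given was to modify a registry value for NTLM authentication. CVE-2019-0686 and CVE-2019-0724 are two attack methods for CVE-2018-8581, and this security update fixes the vulnerability completely.

  • CVE-2019-0626: Windows DHCP remote code execution vulnerability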


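This vulnerability is a memory corruption vulnerability in the Windows Server DHCP service. It has no preconditions for exploitation: an attacker can send specially crafted packets to a DHCP server. Successful exploitation lets the attacker run arbitrary code in the DHCP service.

Affected versions

  • CVE-2019-0686, CVE-2019-0724 and CVE-2018-8581 affect the following versions: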


Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 26

Microsoft Exchange Server 2013 Cumulative Update 22

Microsoft Exchange Server 2016 Cumulative Update 12

Microsoft Exchange Server 2019 Cumulative Update 1

  • CVE-2019-0626 affects the following versions:


Windows 10 Version 1703 for 32-bit Systems

Windows 10 Version 1703 for x64-based Systems

Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for x64-based Systems

Windows Server, version 1803 (Server Core Installation)

Windows 10 Version 1803 for ARM64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows Server 2019

Windows Server 2019 (Server Core installation)

Windows 10 Version 1709 for 32-bit Systems

Windows 10 Version 1709 for 64-based Systems

Windows 10 Version 1709 for ARM64-based Systems

Windows Server, version 1709 (Server Core Installation)

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-based Systems

Windows Server 2016

Windows Server 2016 (Server Core installation)

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows 8.1 for 32-bit systems

Windows 8.1 for x64-based systems

Windows RT 8.1

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for Itanium-Based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Core installation)

Recommendations

  • The patches for CVE-2019-0686 and CVE-2019-0724 can be found through the following two links:


https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0686

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0724

  • The patch for CVE-2019-0626 can be found through the following link:


https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0626

  • The patch for CVE-2018-8581 can be found through the following link:


https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8581