关于Windows IKE协议扩展远程代码执行漏洞（CVE-2022-34721）的预警提示-徐州幼儿师范高等专科学校-信息网络中心

关于Windows IKE协议扩展远程代码执行漏洞（CVE-2022-34721）的预警提示

时间：2022-11-30 点击数：

一、漏洞详情

IKE协议属于一种混合型协议，由Internet安全关联和密钥管理协议（ISAKMP）和两种密钥交换协议OAKLEY与SKEME组成。

近日，监测到Windows IKE协议扩展远程代码执行漏洞（CVE-2022-34721），该漏洞是通过向启用了IPSec的Windows节点发送特制IP数据包，在系统上执行任意代码。此漏洞仅影响启用了IPSec服务的Windows系统，该漏洞存在于KEv1协议（该协议已弃用，但与旧系统兼容）中的代码，但所有Windows服务器都会受到影响，因为它们同时接受V1和V2数据包，从而使该漏洞变得严重。

建议受影响用户做好资产自查以及预防工作，以免遭受黑客攻击。

二、影响范围

Windows Server 2022

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 for ARM64-based Systems

Windows 11 for x64-based Systems

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022 Azure Edition Core Hotpatch

Windows Server 2022 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows RT 8.1

Windows 8.1 for x64-based systems

Windows 8.1 for 32-bit systems

Windows 7 for x64-based Systems Service Pack 1

Windows 7 for 32-bit Systems Service Pack 1

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

三、修复建议

目前官方已发布安全版本修复上述漏洞，建议受影响的用户升级至安全版本。

下载链接：https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34721