弱點通告:Windows 近日發布更新以解決 SMB 的安全性弱點,建議請管理者儘速評估更新!
2025-10-31
風險等級: 高度威脅
摘  要: 弱點通告:Windows 近日發布更新以解決 SMB 的安全性弱點,建議請管理者儘速評估更新!
影響系統:
  • Windows Server 2025 (Server Core installation)
  • Windows Server 2025
  • Windows Server 2022
  • 23H2 Edition (Server Core installation)
  • Windows Server 2022 (Server Core installation)
  • Windows Server 2022
  • Windows Server 2019 (Server Core installation)
  • Windows Server 2019
  • Windows Server 2016 (Server Core installation)
  • Windows Server 2016
  • Windows Server 2012 R2 (Server Core installation)
  • Windows Server 2012 R2
  • Windows Server 2012 (Server Core installation)
  • Windows Server 2012
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows 11 Version 24H2 for x64-based Systems
  • Windows 11 Version 24H2 for ARM64-based Systems
  • Windows 11 Version 23H2 for x64-based Systems
  • Windows 11 Version 23H2 for ARM64-based Systems
  • Windows 11 Version 22H2 for x64-based Systems
  • Windows 11 Version 22H2 for ARM64-based Systems
  • Windows 10 Version 22H2 for x64-based Systems
  • Windows 10 Version 22H2 for ARM64-based Systems
  • Windows 10 Version 22H2 for 32-bit Systems
  • Windows 10 Version 21H2 for x64-based Systems
  • Windows 10 Version 21H2 for ARM64-based Systems
  • Windows 10 Version 21H2 for 32-bit Systems
  • Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems
  • Windows 10 Version 1809 for 32-bit Systems
  • Windows 10 Version 1607 for x64-based Systems
  • Windows 10 Version 1607 for 32-bit Systems
  • Windows 10 for x64-based Systems
  • Windows 10 for 32-bit Systems
    		•
    解決辦法: Microsoft 已釋出修補版本,請參考 Microsoft 官方網站的說明確認目前版本是否受影響,並下載對應修補版本。 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33073
    細節描述: CVE-2025-33073 : CVSS 8.8
    Windows SMB用戶端存在NTLM反射(NTLM Reflection)弱點。取得一般使用者權限之遠端攻擊者,可透過執行惡意腳本,迫使SMB用戶端與攻擊者控制之SMB伺服器連線並進行身分鑑別,由於SMB用戶端在驗證階段存在缺陷,攻擊者可藉此繞過安全檢核以提升至系統權限,進而控制用戶端系統。該弱點已遭駭客利用,請儘速確認並進行修補。

    HiNet SOC 建議管理者儘速評估更新,以降低受駭風險。
    https://hisecure.hinet.net/secureinfo/hotnews.php
    參考資訊: nics
    ithome