【风险通告】Microsoft Defender 缓冲区溢出高危漏洞通知

我司在安全漏洞预警机制排查时发现，Microsoft官方于2021年1月12日发布了Microsoft Defender 缓冲区溢出漏洞的风险通告，该漏洞编号为CVE-2021-1647，漏洞等级：高危，漏洞评分：7.8，特将漏洞详情通告如下：

一、漏洞详情

攻击者通过构造特殊的PE文件,使得Microsoft Defender在对该文件进行解析的时候，产生缓冲区溢出，从而造成远程代码执行。目前，漏洞细节已公开，Microsoft官方已发布升级版本信息。

二、影响版本

-Microsoft:Microsoft Defender:Windows 8.1 for 32-bit systems

-Microsoft:Microsoft Defender:Windows 7 for x64-based Systems Service Pack 1

-Microsoft:Microsoft Defender:Windows 7 for 32-bit Systems Service Pack 1

-Microsoft:Microsoft Defender:Windows Server 2016 (Server Core installation)

-Microsoft:Microsoft Defender:Windows Server 2016

-Microsoft:Microsoft Defender:Windows 10 Version 1607 for x64-based Systems

-Microsoft:Microsoft Defender:Windows 10 Version 1607 for 32-bit Systems

-Microsoft:Microsoft Defender:Windows 10 for x64-based Systems

-Microsoft:Microsoft Defender:Windows 10 for 32-bit Systems

-Microsoft:Microsoft Defender:Windows Server, version 20H2 (Server Core Installation)

-Microsoft:Microsoft Defender:Windows 10 Version 20H2 for ARM64-based Systems

-Microsoft:Microsoft Defender:Windows 10 Version 20H2 for 32-bit Systems

-Microsoft:Microsoft Defender:Windows 10 Version 20H2 for x64-based Systems

-Microsoft:Microsoft Defender:Windows Server, version 2004 (Server Core installation)

-Microsoft:Microsoft Defender:Windows 10 Version 2004 for x64-based Systems

-Microsoft:Microsoft Defender:Windows 10 Version 2004 for ARM64-based Systems

-Microsoft:Microsoft Defender:Windows 10 Version 2004 for 32-bit Systems

-Microsoft:Microsoft Defender:Windows Server, version 1909 (Server Core installation)

-Microsoft:Microsoft Defender:Windows 10 Version 1909 for ARM64-based Systems

-Microsoft:Microsoft Defender:Windows 10 Version 1909 for x64-based Systems

-Microsoft:Microsoft Defender:Windows 10 Version 1909 for 32-bit Systems

-Microsoft:Microsoft Defender:Windows Server 2019 (Server Core installation)

-Microsoft:Microsoft Defender:Windows Server 2019

-Microsoft:Microsoft Defender:Windows 10 Version 1809 for ARM64-based Systems

-Microsoft:Microsoft Defender:Windows 10 Version 1809 for x64-based Systems

-Microsoft:Microsoft Defender:Windows 10 Version 1809 for 32-bit Systems

-Microsoft:Microsoft Defender:Windows 10 Version 1803 for ARM64-based Systems

-Microsoft:Microsoft Defender:Windows 10 Version 1803 for x64-based Systems

-Microsoft:Microsoft Defender:Windows 10 Version 1803 for 32-bit Systems

-Microsoft:Microsoft System Center 2012 Endpoint Protection

-Microsoft:Microsoft Security Essentials

-Microsoft:Microsoft System Center 2012 R2 Endpoint Protection

-Microsoft:Microsoft System Center Endpoint Protection

-Microsoft:Microsoft Defender:Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

-Microsoft:Microsoft Defender:Windows Server 2008 for 32-bit Systems Service Pack 2

-Microsoft:Microsoft Defender:Windows RT 8.1

-Microsoft:Microsoft Defender:Windows 8.1 for x64-based systems

-Microsoft:Microsoft Defender:Windows Server 2012 R2 (Server Core installation)

-Microsoft:Microsoft Defender:Windows Server 2012 R2

<p style=\"margin-top: 0px; margin-bottom: 0px; padding: 0px; color: rgb(102, 102, 102); font-family: \"Microsoft