Serveis / Alertes

Execució de codi de Microsoft Windows WDAC OLE DB provider per SQL Server

ALERTES

19/06/2023

CVE-2023-29372

ALT: (8,8)

CVSS3: 7,7

Microsoft Windows podria permetre a un atacant remot executar codi arbitrari al sistema causat per un defecte al component WDAC OLE DB provider per SQL Server. En persuadir a una víctima perquè es connecti a un servidor SQL maliciós a través de OLEDB, l’atacant podria explotar aquesta vulnerabilitat per executar codi arbitrari al client.

Sistemes Afectats

  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows 10 x32
  • Microsoft Windows 10 x64
  • Microsoft Windows Server 2016
  • Microsoft Windows Server 2019
  • Microsoft Windows 10 1809 for x64-based Systems
  • Microsoft Windows 10 1809 for 32-bit Systems
  • Microsoft Windows 10 1809 for ARM64-based Systems
  • Microsoft Windows 10 1607 for 32-bit Systems
  • Microsoft Windows 10 1607 for x64-based Systems
  • Microsoft Windows Server (Server Core installation) 2019
  • Microsoft Windows Server (Server Core installation) 2016
  • Microsoft Windows Server (Server Core installation) 2012 R2
  • Microsoft Windows Server (Server Core installation) 2012
  • Microsoft Windows Server for X64-based systems 2008 R2 SP1
  • Microsoft Windows Server for X64-based systems (Server Core installation) 2008 SP2
  • Microsoft Windows Server for 32-bit systems (Server Core installation) 2008 SP2
  • Microsoft Windows Server for 32-bit systems 2008 SP2
  • Microsoft Windows Server for X64-based systems (Server Core installation) 2008 R2 SP1
  • Microsoft Windows Server 2022
  • Microsoft Windows Server (Server Core installation) 2022
  • Microsoft Windows Server for X64-based systems 2008 SP2
  • Microsoft Windows 10 21H2 for 32-bit Systems
  • Microsoft Windows 10 21H2 for ARM64-based Systems
  • Microsoft Windows 10 21H2 for x64-based Systems
  • Microsoft Windows 11 22H2 for ARM64-based Systems
  • Microsoft Windows 11 22H2 for x64-based Systems
  • Microsoft Windows 10 22H2 for 32-bit Systems
  • Microsoft Windows 10 22H2 for ARM64-based Systems
  • Microsoft Windows 10 22H2 for x64-based Systems
  • Microsoft Windows 11 21H2 for ARM64-based Systems
  • Microsoft Windows 11 21H2 for x64-based Systems

Remediació
Utilitzeu Microsoft Automatic Update per a aplicar l’actualització adequada pel vostre sistema, o la Guia d’actualitzacions de seguretat de Microsoft per buscar actualitzacions disponibles. Per més informació, podeu consultar l’apartat de les referències.

Referències