Network Security

Alert: Windows File Explorer Spoofing Vulnerability (CVE-2025-24071)

Date: 2025-03-24  Responsible editor: 苏昕

    I. Vulnerability Details

    Windows File Explorer is a core component of the Windows operating system, used to browse and manage the files, folders, and drives on a computer.

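    Monitoring recently showed that Microsoft has fixed a Windows File Explorer spoofing vulnerability (CVE-2025-24071). The vulnerability arises because, when Windows Explorer extracts a RAR/ZIP archive containing a specially crafted .library-ms file, it automatically parses the malicious SMB path embedded in that file. This triggers an implicit NTLM authentication handshake and leaks the user's NTLMv2 hash. Affected faculty and students are advised to check their own assets and take preventive measures to avoid being attacked.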
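
    As an added example (not part of the original advisory and not Microsoft code), the following pre-extraction check lists every .library-ms member of a ZIP archive and reports any remote UNC or file:// path it contains, without unpacking anything to disk. It covers ZIP only, since the Python standard library cannot read RAR; the function names, the size cap, and the sample archive contents are constructed for illustration.

```python
import io
import re
import zipfile

# UNC path (\\host\share) or file:// URL that names a remote host.
REMOTE_PATH = re.compile(r"\\\\[\w.\-]+\\[^\s<>]+|file://[\w.\-]+/[^\s<>]+", re.I)
MAX_MEMBER_BYTES = 1 << 20  # library files are small XML; cap reads (assumed limit)


def decode_xml(data: bytes) -> str:
    """Decode UTF-16 (with BOM) or UTF-8 member content without raising."""
    if data[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return data.decode("utf-16", errors="replace")
    return data.decode("utf-8", errors="replace")


def scan_zip(archive) -> list[tuple[str, list[str]]]:
    """Return (member name, remote paths found) for each .library-ms member."""
    findings = []
    with zipfile.ZipFile(archive) as zf:
        for info in zf.infolist():
            if info.is_dir() or not info.filename.lower().endswith(".library-ms"):
                continue
            with zf.open(info) as fh:  # read in memory, nothing is extracted
                text = decode_xml(fh.read(MAX_MEMBER_BYTES))
            findings.append((info.filename, sorted(set(REMOTE_PATH.findall(text)))))
    return findings


def build_sample() -> io.BytesIO:
    """Constructed test archive holding text fragments, not working library files."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", r"see \\ignored.example\share")
        zf.writestr("docs/Report.library-ms", r"<x>\\fileserver.example\share</x>")
        zf.writestr("local.LIBRARY-MS", "<x>C:\\Users\\Public</x>".encode("utf-16"))
    buf.seek(0)
    return buf


if __name__ == "__main__":
    for name, paths in scan_zip(build_sample()):
        verdict = "QUARANTINE" if paths else "review"
        print(f"{verdict}: {name} -> {paths}")
```

    A .library-ms member with no remote path is still reported with an empty list, so it can be reviewed by hand.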

    II. Affected Versions

   Windows 10 Version 1809 for x64-based Systems

   Windows 10 Version 1809 for 32-bit Systems

   Windows Server 2025 (Server Core installation)

   Windows Server 2025

   Windows Server 2012 R2 (Server Core installation)

   Windows Server 2012 R2

   Windows Server 2016 (Server Core installation)

   Windows Server 2016

   Windows 10 Version 1607 for x64-based Systems

   Windows 10 Version 1607 for 32-bit Systems

   Windows 10 for x64-based Systems

   Windows 10 for 32-bit Systems

   Windows 11 Version 24H2 for x64-based Systems

   Windows 11 Version 24H2 for ARM64-based Systems

   Windows Server 2022, 23H2 Edition (Server Core installation)

   Windows 11 Version 23H2 for x64-based Systems

   Windows 11 Version 23H2 for ARM64-based Systems

   Windows 10 Version 22H2 for 32-bit Systems

   Windows 10 Version 22H2 for ARM64-based Systems

   Windows 10 Version 22H2 for x64-based Systems

   Windows 11 Version 22H2 for x64-based Systems

   Windows 11 Version 22H2 for ARM64-based Systems

   Windows 10 Version 21H2 for x64-based Systems

   Windows 10 Version 21H2 for ARM64-based Systems

   Windows 10 Version 21H2 for 32-bit Systems

   Windows Server 2022 (Server Core installation)

   Windows Server 2022

   Windows Server 2019 (Server Core installation)

   Windows Server 2019

    III. Remediation Recommendations

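    Microsoft has released security patches for the affected software. Faculty and students can download and install the patch that matches their system version. The security update link is as follows: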

    https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24071