网络安全
安全通告
首页 > 网络安全 > 安全通告 > 正文

关于Windows SMB权限提升漏洞(CVE-2025-33073)的预警提示

日期:2025-06-18 责任编辑:苏昕 浏览量:

一、漏洞详情

Windows SMB(Server Message Block)是一种网络通信协议,用于计算机之间共享资源和文件。

近日,监测到官方修复Windows SMB权限提升漏洞(CVE-2025-33073),该漏洞存在于Windows SMB中,由于访问控制不当,具有普通域用户权限的攻击者可以通过添加恶意的DNS记录并强制域内计算机(域控除外)进行解析来获取域内所有用户的权限,从而达到提权的目的。

建议受影响用户做好资产自查以及预防工作,以免遭受黑客攻击。

二、影响范围

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)Windows Server 2012

Windows 10 for x64-based SystemsWindows 10 for 32-bit Systems

Windows Server 2025

Windows 11 Version 24H2 for x64-based Systems

Windows 11 Version 24H2 for ARM64-based Systems

Windows Server 2022, 23H2 Edition (Server Core installation)

Windows 11 Version 23H2 for x64-based Systems

Windows 11 Version 23H2 for ARM64-based Systems

Windows Server 2025 (Server Core installation)

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

三、修复建议

可参考以下链接下载适用于该系统的补丁并安装:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33073


版权所有:中国矿业大学 信息化建设与管理处

地址:江苏省徐州市大学路1号中国矿业大学南湖校区图书馆B座

故障报修
4000089233
信息服务监督
83592130
网络服务监督
83592122
矿大官方
矿大信息化
e矿大2.0