CVE-2022-34718 – Falha Crítica no protocolo TCP/IP do Windows permite Execução Remota de Código

A CVE-2022-34718 é uma vulnerabilidade crítica (CVSS Score 9.8) que pode permitir que um invasor remoto não autenticado execute código com privilégios elevados em sistemas afetados sem interação do usuário.

A vulnerabilidade afeta apenas sistemas com o serviço IPSec em execução. Os sistemas não são afetados se o protocolo IPv6 estiver desativado.

Segue a relação dos produtos afetados:

Microsoft Windows Server

• Windows Server 2022 (Server Core installation and Azure Edition Core Hotpatch)
• Windows Server 2022
• Windows Server 2019 (Server Core installation)
• Windows Server 2019
• Windows Server 2016 (Server Core installation)
• Windows Server 2016
• Windows Server 2012 R2 (Server Core installation)
• Windows Server 2012 R2
• Windows Server 2012 (Server Core installation)
• Windows Server 2012
• Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
• Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
• Windows Server 2008 R2 for x64-based Systems Service Pack 1
• Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
• Windows Server 2008 for 32-bit Systems Service Pack 2

Microsoft Windows

• Windows 11 for x64-based Systems                                                     
• Windows 11 for ARM64-based Systems                                                    
• Windows 10 Version 21H2 for x64-based Systems                                                    
• Windows 10 Version 21H2 for ARM64-based Systems                                                       
• Windows 10 Version 21H2 for 32-bit Systems                                                    
• Windows 10 Version 21H1 for x64-based Systems                                                     
• Windows 10 Version 21H1 for ARM64-based Systems                                                    
• Windows 10 Version 21H1 for 32-bit Systems                                                    
• Windows 10 Version 20H2 for x64-based Systems                                                    
• Windows 10 Version 20H2 for ARM64-based Systems                                                    
• Windows 10 Version 20H2 for 32-bit Systems                                                     
• Windows 10 Version 1809 for x64-based Systems                                                    
• Windows 10 Version 1809 for ARM64-based Systems                                                    
• Windows 10 Version 1809 for 32-bit Systems                                                    
• Windows 10 Version 1607 for x64-based Systems                                                    
• Windows 10 Version 1607 for 32-bit Systems                                                     
• Windows 10 for x64-based Systems                                                    
• Windows 10 for 32-bit Systems                                                    
• Windows RT 8.1                                                    
• Windows 8.1 for x64-based systems                                                    
• Windows 8.1 for 32-bit systems                                                    
• Windows 7 for x64-based Systems Service Pack 1                                                     
• Windows 7 for 32-bit Systems Service Pack 1                                                    

Solução:

Recomenda-se aplicar as atualizações disponibilizadas pelo fabricante o quanto antes. Na impossibilidade de aplicação das atualizações avaliar como alternativa desativar o serviço IPSec e o protocolo IPv6.

Maiores informações:

https://nvd.nist.gov/vuln/detail/CVE-2022-34718

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34718