⭐訊字第109063號
發佈編號 TACERT-ANA-2020101602100606 發佈時間 2020-10-16 14:23:06
事故類型 ANA-漏洞預警 發現時間 2020-10-16 14:23:06
影響等級 低
[主旨說明:]【漏洞預警】微軟Windows TCP/IP堆疊存在安全漏洞(CVE-2020-16898)
[內容說明:] 轉發 行政院國家資通安全會報技術服務中心 資安訊息警訊 NISAC-ANA-202010-0502
研究人員發現微軟Windows TCP/IP堆疊(TCP/IP stack)未能正確處理ICMPv6之路由器公告(
情資分享等級: WHITE(情資內容為可公開揭露之資訊)
[影響平台:] 受影響Windows版本如下:Windows 10 Version 1709 for 32-bit Systems;
Windows 10 Version 1709 for ARM64-based Systems;
Windows 10 Version 1709 for x64-based Systems;
Windows 10 Version 1803 for 32-bit Systems;
Windows 10 Version 1803 for ARM64-based Systems;
Windows 10 Version 1803 for x64-based Systems;
Windows 10 Version 1809 for 32-bit Systems;
Windows 10 Version 1809 for ARM64-based Systems;
Windows 10 Version 1809 for x64-based Systems;
Windows 10 Version 1903 for 32-bit Systems;
Windows 10 Version 1903 for ARM64-based Systems;
Windows 10 Version 1903 for x64-based Systems;
Windows 10 Version 1909 for 32-bit Systems;
Windows 10 Version 1909 for ARM64-based Systems;
Windows 10 Version 1909 for x64-based Systems;
Windows 10 Version 2004 for 32-bit Systems;
Windows 10 Version 2004 for ARM64-based Systems;
Windows 10 Version 2004 for x64-based Systems;
Windows Server 2019;
Windows Server 2019 (Server Core installation);
Windows Server, version 1903 (Server Core installation);
Windows Server, version 1909 (Server Core installation);
Windows Server, version 2004 (Server Core installation); [建議措施:]
1.目前微軟官方已針對此漏洞釋出更新程式,
2.如無法更新,亦可於Windows 1709以上版本環境中,執行「netsh int ipv6 set int *INTERFACENUMBER* rabaseddnsconfig=disable」
2. https://vuldb.com/?id.162598
(此通報僅在於告知相關資訊,並非為資安事件),
教育機構資安通報應變小組
網址:https://info.cert.tanet.
專線電話:07-5250211
網路電話:98400000
E-Mail:service@cert.tanet.edu.