{"id":2048,"date":"2022-07-06T15:27:15","date_gmt":"2022-07-06T07:27:15","guid":{"rendered":"https:\/\/blog.billows.com.tw\/?p=2048"},"modified":"2023-02-13T10:44:38","modified_gmt":"2023-02-13T02:44:38","slug":"cisa%e4%b8%8b%e4%bb%a4%e8%81%af%e9%82%a6%e6%a9%9f%e6%a7%8b%e5%9c%a87-%e6%9c%88-22-%e6%97%a5%e5%89%8d%ef%bc%8c%e5%ae%8c%e6%88%90%e4%bf%ae%e8%a3%9cwindows-lsa-%e6%bc%8f%e6%b4%9e","status":"publish","type":"post","link":"https:\/\/blog.billows.com.tw\/?p=2048","title":{"rendered":"CISA\u4e0b\u4ee4\u806f\u90a6\u6a5f\u69cb\u57287 \u6708 22 \u65e5\u524d\uff0c\u5b8c\u6210\u4fee\u88dcWindows LSA \u6f0f\u6d1e!"},"content":{"rendered":"\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"865\" height=\"451\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/07\/image-8.png\" alt=\"\" class=\"wp-image-2049\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/07\/image-8.png 865w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/07\/image-8-300x156.png 300w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/07\/image-8-768x400.png 768w\" sizes=\"auto, (max-width: 865px) 100vw, 865px\" \/><\/figure>\n\n\n\n<p>\u8fd1\u65e5\uff0c\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u66a8\u57fa\u790e\u8a2d\u65bd\u5b89\u5168\u5c40(CISA) <a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/current-activity\/2022\/07\/01\/cisa-adds-one-known-exploited-vulnerability-catalog\">\u4e0b\u4ee4<\/a>\uff0c\u806f\u90a6\u6c11\u4e8b\u884c\u653f\u90e8\uff08FCEB\uff09\u5fc5\u9808\u5728 7 \u6708 22 \u65e5\u4e4b\u524d\uff0c\u5c0d\u5f71\u97ff\u5fae\u8edf\u8a2d\u5099\u7684\u5b89\u5168\u6f0f\u6d1e\u63a1\u53d6\u88dc\u6551\u63aa\u65bd\u3002\u8a72\u6f0f\u6d1e\u88ab\u8ddf\u8e2a\u70baCVE-2022-26925\uff0c\u4e00\u500b\u5c6c\u65bcWindows Local Security Authority\uff08Windows LSA\uff09\u7684\u6b3a\u9a19\u6f0f\u6d1e\uff0c\u4e26\u88ab\u78ba\u8a8d\u70ba\u65b0\u7684 PetitPotam Windows NTLM Relay \u7684\u653b\u64ca\u5411\u91cf\u3002Windows LSA\u662f\u4e00\u500b\u53d7\u4fdd\u8b77\u7684Windows\u5b50\u7cfb\u7d71\uff0c\u8ca0\u8cac\u57f7\u884cWindows\u7cfb\u7d71\u7684\u5b89\u5168\u653f\u7b56\uff0c\u6703\u5728\u7528\u6236\u767b\u5165\u6642\u9a57\u8b49\u7528\u6236\u8eab\u5206\uff0c\u4ea6\u53ef\u8655\u7406\u5bc6\u78bc\u8b8a\u66f4\u6216\u7522\u751f\u5b58\u53d6\u6b0a\u6756\u3002Windows Local Security Authority(LSA) \u5b58\u5728\u7684\u9ad8\u98a8\u96aa\u6f0f\u6d1e\uff0c\u80fd\u5f71\u97ff\u591a\u6578 Windows \u7248\u672c\uff0c\u672a\u7d93\u8eab\u4efd\u8a8d\u8b49\u7684\u653b\u64ca\u8005\u53ef\u8f15\u6613\u5229\u7528\u6b64\u6f0f\u6d1e\u900f\u904e NTLM \u5f37\u5236\u53d6\u5f97\u8eab\u4efd\u8a8d\u8b49\uff0c\u4ee5\u5229\u9032\u884c\u5f8c\u7e8c\u653b\u64ca \u3002<\/p>\n\n\n\n<p>\u64da\u6089\u5728\u4eca\u5e745\u6708\uff0cCISA\u66fe\u5c07CVE-2022-26925\u7d0d\u5165\u5728\u5df2\u77e5\u906d\u958b\u63a1\u6f0f\u6d1e(Known Exploited Vulnerabilities)\u76ee\u9304\u4e2d\uff0c\u4e26\u767c\u5e03\u4e86\u5f37\u5236\u4fee\u88dc\u7684\u547d\u4ee4\uff0c\u4f46\u5f88\u5febCISA\u5c31\u5c07\u9019\u689d\u516c\u544a\u522a\u9664\u3002\u539f\u56e0\u662f\u5fae\u8edf\u57282022\u5e745\u6708\u7684\u4fee\u88dc\u661f\u671f\u4e8c(Patch Tuseday) \u4e2d\uff0c\u96d6\u7136\u8072\u7a31\u89e3\u6c7a\u4e86CVE-2022-26925\u6f0f\u6d1e\uff0c\u4f46\u5728\u5b89\u88dd\u4fee\u88dc\u5f8c\u8a72\u554f\u984c\u4ecd\u7136\u6c92\u6709\u5fb9\u5e95\u89e3\u6c7a\uff0c\u5728 Windows Server \u7db2\u57df\u63a7\u5236\u5668\u4e0a\u90e8\u7f72\u6642\u4e5f\u6703\u89f8\u767c\u670d\u52d9\u8eab\u4efd\u9a57\u8b49\u7684\u554f\u984c\u3002<\/p>\n\n\n\n<p>CISA \u89e3\u91cb\u8aaa\uff0c\u5728\u7db2\u57df\u63a7\u5236\u5668\u90e8\u7f72\u4e0a\u8a8d\u8b49\u5931\u6557\u7684\u554f\u984c\uff0c\u53ef\u5c0e\u81f4\u4f01\u696d\u53ef\u80fd\u6703\u5728\u4f3a\u670d\u5668\u6216\u5ba2\u6236\u7aef\u9047\u5230\u670d\u52d9\u7684\u8a8d\u8b49\u5931\u6557\uff0c\u5982\u7db2\u8def\u539f\u5247\u4f3a\u670d\u5668(NPS)\u3001\u8def\u7531\u53ca\u9060\u7aef\u5b58\u53d6\u670d\u52d9\uff08RRAS\uff09\u3001Radius\u3001\u64f4\u5c55\u8a8d\u8b49\u5354\u8b70\uff08EAP\uff09\u548c\u53d7\u4fdd\u8b77\u53ef\u64f4\u5c55\u8a8d\u8b49\u5354\u8b70\uff08PEAP\uff09\u90fd\u6703\u53d7\u5230\u5f71\u97ff\u3002<\/p>\n\n\n\n<p>\u96a8\u5f8c\uff0c\u5fae\u8edf\u57286\u6708\u5411CISA\u901a\u5831\u4e86\u554f\u984c\u7684\u89e3\u6c7a\u65b9\u6848\uff0c\u4eca\u5929\uff0cCISA\u4e5f\u767c\u5e03\u4e86<a href=\"https:\/\/www.cisa.gov\/guidance-applying-june-microsoft-patch\">\u65b0\u7684\u6307\u5357<\/a>\uff0c\u5176\u4e2d\u5305\u542b\u5fc5\u9808\u9075\u5faa\u7684 CVE-2022-26925 \u7de9\u89e3\u6b65\u9a5f\uff0c\u4ee5\u9632\u6b62\u670d\u52d9\u4e2d\u65b7\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"865\" height=\"771\" src=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/07\/image-9.png\" alt=\"\" class=\"wp-image-2050\" srcset=\"https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/07\/image-9.png 865w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/07\/image-9-300x267.png 300w, https:\/\/blog.billows.com.tw\/wp-content\/uploads\/2022\/07\/image-9-768x685.png 768w\" sizes=\"auto, (max-width: 865px) 100vw, 865px\" \/><\/figure>\n\n\n\n<p>\u6839\u64da\u7f8e\u570b\u806f\u90a6\u7d04\u675f\u6027\u4f5c\u696d\u6307\u5f15\uff08binding operational directive\uff0cBOD\uff0922-01\uff0c\u70ba\u4e86\u6e1b\u5c11\u5df2\u77e5\u906d\u958b\u63a1\u6f0f\u6d1e\u7684\u91cd\u5927\u98a8\u96aa\uff0c\u7f8e\u570b\u806f\u90a6\u6c11\u4e8b\u884c\u653f\u90e8\uff08FCEB\uff09\u5fc5\u9808\u57287\u670822\u65e5\u4e4b\u524d\u5b8c\u6210\u4fee\u88dc\u5df2\u767c\u73fe\u7684\u6f0f\u6d1e\uff0c\u4ee5\u4fdd\u8b77\u5176\u7db2\u8def\u3002\u5118\u7ba1\u8a72\u6307\u4ee4\u50c5\u9069\u7528\u65bc\u806f\u90a6\u6a5f\u69cb\uff0c\u4f46 CISA \u4e5f\u5f37\u70c8\u6566\u4fc3\u7f8e\u570b\u79c1\u71df\u548c\u516c\u5171\u90e8\u9580\u7684\u6240\u6709\u7d44\u7e54\u512a\u5148\u4fee\u88dc\u9019\u500b\u88ab\u7a4d\u6975\u5229\u7528\u7684\u6f0f\u6d1e\u3002<\/p>\n\n\n\n<p>\u00a0&#8220;\u8f49\u8cbc\u3001\u5206\u4eab\u6216\u5f15\u7528\u6587\u7ae0\u5167\u5bb9\uff0c\u8acb\u8a3b\u660e\u51fa\u8655\u70ba\u7ae3\u76df\u79d1\u6280\u00a0<a href=\"https:\/\/www.billows.com.tw\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.billows.com.tw<\/a>\u00a0, \u4ee5\u514d\u89f8\u6cd5&#8221;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u8fd1\u65e5\uff0c\u7f8e\u570b\u7db2\u8def\u5b89\u5168\u66a8\u57fa\u790e\u8a2d\u65bd\u5b89\u5168\u5c40(CISA) \u4e0b\u4ee4\uff0c\u806f\u90a6\u6c11\u4e8b\u884c\u653f\u90e8\uff08FCEB\uff09\u5fc5\u9808\u5728 7 \u6708 22 \u65e5\u4e4b\u524d\uff0c <a class=\"read-more\" href=\"https:\/\/blog.billows.com.tw\/?p=2048\">READ MORE<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-2048","post","type-post","status-publish","format-standard","hentry","category-6"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2048","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2048"}],"version-history":[{"count":2,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2048\/revisions"}],"predecessor-version":[{"id":2425,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/2048\/revisions\/2425"}],"wp:attachment":[{"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2048"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2048"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.billows.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2048"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}