这表明可能存在针对 Microsoft Active Directory 中的权限提升漏洞的攻击。该漏洞是由于对用户提供的输入的清理不足造成的。远程攻击者可能能够利用此漏洞通过精心设计的请求在应用程序上下文中执行任意代码。

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server, version 20H2 (Server Core Installation) Windows Server, version 2004 (Server Core installation)

特权升级：远程攻击者可以利用他们对易受攻击的系统的特权。

有关建议的解决方法，请参阅供应商的网站。 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42278