Description
Windows Shell Remote Code Execution Vulnerability
Workaround
The following workaround may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as they become available even if you plan to leave this workaround in place:
To remove the Microsoft Japanese IME entirely from the logon UI, the following steps are required.
First, you must remove the Japanese language (not IME) from every account on the affected device. As long as there is an account where Japanese is installed, logon will continue to show Microsoft JPN IME.
- For each account on the affected device, sign in to the account.
- Select Settings, select Time & language.
- For Windows 11, select Language & region. For Windows 10, select Language.
- Select Japanese and then select Remove. Note that you cannot do this if Japanese is the only language installed or is located at the top in the language list. You will need to add another language to move Japanese down to second or later in the list. Then you can remove the Japanese entry.
Second, you need to make sure the Welcome screen input language is not set to Japanese.
- Select Settings, select Time & language.
- For Windows 11, select Language & region. For Windows 10, select Language.
- Select Administrative language settings then click Copy Settings to view the Welcome screen and new user accounts settings dialog box.
- Click the Administrative tab to view language settings.
- Under Welcome screen make sure Input language is not Japanese (Japan) – Microsoft IME. If it is, make sure Input language under **Current user** is not Japanese (Japan) – Microsoft IME, then select Welcome screen and system accounts at the bottom of the dialog box and click OK to update the Welcome screen setting.
Impact of workaround
Japanese will not be the display language on the device.
How to undo the workaround
- Sign in to each account and repeat the workaround steps to select Japanese for the language.
- In the device Settings repeat the steps to update the Welcome screen setting to Japanese.
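A read-only PowerShell check for the workaround steps above, added here as an example and not part of Microsoft's advisory. `Get-WinUserLanguageList` is the built-in International module cmdlet; the two `HKEY_USERS\.DEFAULT` registry locations read for the Welcome screen are an assumption about where those settings are stored, so confirm the result in the Settings dialog.

```powershell
# Audit only: reports where Japanese is still configured. Changes nothing.
# The language list is per-user, so run this once in every account on the device.

$report = [ordered]@{}
$report['Account'] = "$env:USERDOMAIN\$env:USERNAME"

# Step 1 of the workaround: Japanese language present in this account?
$langs = @(Get-WinUserLanguageList)
$ja    = @($langs | Where-Object { $_.LanguageTag -like 'ja*' })

$report['JapaneseInstalled'] = ($ja.Count -gt 0)
# The advisory notes Japanese cannot be removed while it is the only
# language or sits at the top of the list, so flag both conditions.
$report['JapaneseIsOnlyLanguage'] = ($ja.Count -gt 0 -and $langs.Count -eq 1)
$report['JapaneseIsFirstInList']  = ($langs.Count -gt 0 -and
                                     $langs[0].LanguageTag -like 'ja*')
$report['JapaneseInputTips']      = ($ja | ForEach-Object { $_.InputMethodTips }) -join '; '

# Step 2 of the workaround: Welcome screen input language.
# ASSUMPTION: the Welcome screen / system account profile is the .DEFAULT
# hive, and Japanese shows up there as a layout ID ending in 0411 and/or
# as a 'ja' tag in the profile's Languages value.
$preloadKey = 'Registry::HKEY_USERS\.DEFAULT\Keyboard Layout\Preload'
$profileKey = 'Registry::HKEY_USERS\.DEFAULT\Control Panel\International\User Profile'

$layouts = @()
if (Test-Path $preloadKey) {
    $props   = Get-ItemProperty -Path $preloadKey -ErrorAction SilentlyContinue
    $layouts = @($props.PSObject.Properties |
                 Where-Object { $_.Name -match '^\d+$' } |
                 ForEach-Object { [string]$_.Value })
}
$sysLangs = @()
if (Test-Path $profileKey) {
    $p = Get-ItemProperty -Path $profileKey -Name Languages -ErrorAction SilentlyContinue
    if ($p) { $sysLangs = @($p.Languages) }
}

$report['WelcomeScreenLayouts']   = $layouts -join ', '
$report['WelcomeScreenLanguages'] = $sysLangs -join ', '
$report['WelcomeScreenHasJapanese'] =
    [bool](@($layouts  | Where-Object { $_ -match '0411$' }).Count +
           @($sysLangs | Where-Object { $_ -like 'ja*' }).Count)

[pscustomobject]$report | Format-List
```

The workaround is complete only when `JapaneseInstalled` is False in every account and `WelcomeScreenHasJapanese` is False.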
FAQ
How could an attacker exploit this vulnerability?
An unauthenticated attacker could interact with the login screen of a vulnerable system in a specific manner to execute code on that system.
Updates
Product | Article | Update |
---|---|---|
Windows Server 2016 | ||
Windows 10 Version 1607 for 32-bit Systems | ||
Windows 10 Version 1607 for x64-based Systems | ||
Windows Server 2016 (Server Core installation) | ||
Windows 10 Version 1809 for 32-bit Systems | ||
Windows 10 Version 1809 for x64-based Systems | ||
Windows 10 Version 1809 for ARM64-based Systems | ||
Windows Server 2019 | ||
Windows Server 2019 (Server Core installation) | ||
Windows 10 Version 20H2 for 32-bit Systems |
Exploitability
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
8.4 High
CVSS3
Related vulnerabilities
Windows Shell Remote Code Execution Vulnerability.
Vulnerability in the Windows Shell component of Windows operating systems that allows an attacker to execute arbitrary code
EPSS
8.4 High
CVSS3