01 漏洞概况 Windows 任务计划程序是系统中的一个组件,可以预先计划在特定时间或指定时间后启动程序或脚本,还可以设置为响应事件的触发形式。其中存在权限提升漏洞,攻击者可以利用该漏洞在目标系统获取更高的权限。02 漏洞处置综合处置优先级:高漏洞信息漏洞名称Windows 任务计划程序特权提升漏洞漏洞编号CVE编号CVE-2024-49039漏洞评估披露时间2024-11-12漏洞类型权限提升危害评级高危公开程度PoC未公开威胁类型远程利用情报在野利用是影响产品产品名称Windows系统受影响版本Windows Server 2016 (Server Core installation),Windows Server 2016,Windows 10 Version 1607 for x64-based Systems,Windows 10 Version 1607 for 32-bit Systems,Windows 10 for x64-based Systems,Windows 10 for 32-bit Systems,Windows 11 Version 24H2 for x64-based Systems,Windows 11 Version 24H2 for x64-based Systems,Windows 11 Version 24H2 for ARM64-based Systems,Windows 11 Version 24H2 for ARM64-based Systems,Windows Server 2022, 23H2 Edition (Server Core installation),Windows 11 Version 23H2 for x64-based Systems,Windows 11 Version 23H2 for ARM64-based Systems,Windows 10 Version 22H2 for 32-bit Systems,Windows 10 Version 22H2 for ARM64-based Systems,Windows 10 Version 22H2 for x64-based Systems,Windows 11 Version 22H2 for x64-based Systems,Windows 11 Version 22H2 for ARM64-based Systems,Windows 10 Version 21H2 for x64-based Systems,Windows 10 Version 21H2 for ARM64-based Systems,Windows 10 Version 21H2 for 32-bit Systems,Windows Server 2022 (Server Core installation),Windows Server 2022 (Server Core installation),Windows Server 2022,Windows Server 2022,Windows Server 2019 (Server Core installation),Windows Server 2019,Windows 10 Version 1809 for x64-based Systems,Windows 10 Version 1809 for 32-bit Systems,Windows Server 2025 (Server Core installation),Windows Server 2025 (Server Core installation),Windows Server 2025,Windows Server 2025影响范围广有无修复补丁有
