SafeBreach¤Ï8·î7Æü(Êƹñ»þ´Ö)¡¢¡ÖDowngrade Attacks Using Windows Updates¡ÃSafeBreach¡×¤Ë¤ª¤¤¤Æ¡¢Microsoft Windows¤«¤éÊ£¿ô¤Î¥¼¥í¥Ç¥¤¤ÎÀȼåÀ­¤òȯ¸«¤·¤¿¤ÈÊ󤸤¿¡£¤³¤ì¤éÀȼåÀ­¤Ï¡¢È¯¸«¼Ô¤Ë¤è¤ê¡ÖWindows Downdate¡×¤È̾ÉÕ¤±¤é¤ì¤Æ¤ª¤ê¡¢°­ÍѤµ¤ì¤ë¤È½¤Àµ¥Ñ¥Ã¥Á¤ò¥í¡¼¥ë¥Ð¥Ã¥¯¤µ¤ì¤ë²ÄǽÀ­¤¬¤¢¤ë¡£

Windows Downdate¤Ï2024ǯ2·î¤ËMicrosoft¤ËÊó¹ð¤µ¤ì¤¿¤¬¡¢½¤Àµ¥Ñ¥Ã¥Á¤Ï¸ø³«¤µ¤ì¤Æ¤¤¤Ê¤¤¡£º£²ó¤ÏÀȼåÀ­¾ðÊóÄ´À°(CVD: Coordinated Vulnerability Disclosure)¤Î¹Í¤¨¤Ë´ð¤Å¤­Ì¤²ò·è¤Î¤Þ¤Þ¾ðÊ󤬸ø³«¤µ¤ì¤¿(»²¹Í¡§¡ÖJPCERT ¥³¡¼¥Ç¥£¥Í¡¼¥·¥ç¥ó¥»¥ó¥¿¡¼ ÀȼåÀ­Âкö¾ðÊó¡×)¡£

Downgrade Attacks Using Windows Updates¡ÃSafeBreach

¡ûÀȼåÀ­¤Î¾ðÊó

ÀȼåÀ­¤Ë´Ø¤¹¤ë¾ðÊó¤Ï¼¡¤Î¥Ú¡¼¥¸¤Ë¤Þ¤È¤Þ¤Ã¤Æ¤¤¤ë¡£

CVE-2024-38202 - ¥»¥­¥å¥ê¥Æ¥£¹¹¿·¥×¥í¥°¥é¥à ¥¬¥¤¥É - Microsoft - Windows Update Stack Elevation of Privilege Vulnerability

CVE-2024-21302 - ¥»¥­¥å¥ê¥Æ¥£¹¹¿·¥×¥í¥°¥é¥à ¥¬¥¤¥É - Microsoft - Windows Secure Kernel Mode Elevation of Privilege Vulnerability

ÀȼåÀ­¤Î¾ðÊó(CVE)¤Ï¼¡¤Î¤È¤ª¤ê¡£

CVE-2024-38202 - Windows¥Ð¥Ã¥¯¥¢¥Ã¥×¤ËÆø¢¾º³Ê¤ÎÀȼåÀ­¡£¥·¥¹¥Æ¥à¤Ë¥í¥°¥¤¥ó²Äǽ¤Ê¹¶·â¼Ô¤ÏÆø¢¥æ¡¼¥¶¡¼¤Ë¤è¤ëÄɲäÎÁàºî¤ò²ð¤·¤Æ½¤Àµ¥Ñ¥Ã¥Á¤Î¥í¡¼¥ë¥Ð¥Ã¥¯¤ª¤è¤Ó²¾ÁÛ²½¥Ù¡¼¥¹¤Î¥»¥­¥å¥ê¥Æ¥£(VBS: Virtualization-based Security)¤Î°ìÉôµ¡Ç½¤ò²óÈò¤¹¤ë²ÄǽÀ­¤¬¤¢¤ë

CVE-2024-21302 - ²¾ÁÛ²½¥Ù¡¼¥¹¤Î¥»¥­¥å¥ê¥Æ¥£¤ò¥µ¥Ý¡¼¥È¤¹¤ë¥·¥¹¥Æ¥à¤ËÆø¢¾º³Ê¤ÎÀȼåÀ­¡£´ÉÍý¼Ô¸¢¸Â¤ò»ý¤Ä¹¶·â¼Ô¤ÏWindows¤Î¥·¥¹¥Æ¥à¥Õ¥¡¥¤¥ë¤ò¸Å¤¤¥Ð¡¼¥¸¥ç¥ó¤ËÃÖ¤­´¹¤¨¤ë¤³¤È¤¬¤Ç¤­¤ë

¡ûÀȼåÀ­¤¬Â¸ºß¤¹¤ëÀ½ÉÊ

ÀȼåÀ­¤¬Â¸ºß¤¹¤ë¤È¤ß¤é¤ì¤ëÀ½Éʤª¤è¤Ó¥Ð¡¼¥¸¥ç¥ó¤Ï¼¡¤Î¤È¤ª¤ê¡£¤³¤ì¤é¤ÏÊѹ¹¤µ¤ì¤ë²ÄǽÀ­¤¬¤¢¤ë¡£

Windows 11 Version 23H2

Windows 11 Version 22H2

Windows 11 Version 21H2

Windows 10 Version 22H2

Windows 10 Version 21H2

Windows 10 Version 1809

Windows 10 Version 1607

Windows 10

Windows Server 2022, 23H2 Edition

Windows Server 2022

Windows Server 2019

Windows Server 2016

¡û±Æ¶Á¤ÈÂкö

Windows Downdate¤ò°­ÍѤµ¤ì¤ë¤È¡¢¹¶·â¼Ô¤Ï²áµî¤ÎÀȼåÀ­¤ò¤¹¤Ù¤ÆÉü¸µ¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£¤³¤ÎÊѹ¹¤ÏWindows Update¤«¤é¸¡½Ð¤µ¤ì¤Ê¤¤¤¿¤á¡¢´ÉÍý¼Ô¤Ïǧ¼±¤Ç¤­¤Ê¤¤¤È¤¤¤¦¡£¤½¤Î·ë²Ì¡¢¹¶·â¼Ô¤Ï¥»¥­¥å¥ê¥Æ¥£¥½¥ê¥å¡¼¥·¥ç¥ó¤ò»ÈÍѤ·¤Æ¤âËɸæ¤Ç¤­¤Ê¤¤Àȼå¤Ê´Ä¶­¤ò¹½À®¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£

¤³¤ì¤éÀȼåÀ­¤Î¤¦¤Á¡¢ºÇ¤â¿¼¹ïÅ٤ι⤤¤â¤Î¤Ï½ÅÍ×(Important)¤Èɾ²Á¤µ¤ì¤Æ¤ª¤êÃí°Õ¤¬É¬Íס£Microsoft¤Ï½¤Àµ¥Ñ¥Ã¥ÁÄ󶡤ޤǤδ֡¢·Ú¸ººö¤È¤·¤Æ°Ê²¼¤ò»²¹Í¤ËºÇ¾®¸¢¸Â¤Î¸¶Â§¤ò¼Â»Ü¤¹¤ë¤è¤¦¿ä¾©¤·¤Æ¤¤¤ë¡£

Audit: Audit the use of Backup and Restore privilege (Windows 10) - Windows 10 | Microsoft Learn

Audit Sensitive Privilege Use - Windows 10 | Microsoft Learn

Creating a DACL - Win32 apps | Microsoft Learn

Audit Sensitive Privilege Use - Windows 10 | Microsoft Learn

SafeBreach¤ÏÊó¹ð¤ÎºÇ¸å¤Ë¡¢¸åÆü¤³¤ì¤éÀȼåÀ­¤Î¥¨¥¯¥¹¥×¥í¥¤¥È¤ò¸ø³«¤¹¤ëͽÄê¤Èȯɽ¤·¤¿¡£¤³¤Î¥¨¥¯¥¹¥×¥í¥¤¥È¤Ï´ë¶È¤Î¥»¥­¥å¥ê¥Æ¥£Ä´ºº¤È¥ê¥¹¥¯·Ú¸º¤Ë³èÍѤǤ­¤ë¤È¤¤¤¦¡£