微软发布7月补丁修复79个安全问题

# 漏洞公告 2019-07-09 16:21 0 1,326 来源：郑州市网络安全协会

综述

微软于周二发布了7月安全更新补丁，修复了79个从简单的欺骗攻击到远程执行代码的安全问题，产品涉及.NET Framework、ASP.NET、Azure、Azure DevOps、Internet Explorer、Microsoft Browsers、Microsoft Exchange Server、Microsoft Graphics Component、Microsoft Office、Microsoft Office SharePoint、Microsoft Scripting Engine、Microsoft Windows、Microsoft Windows DNS、Open Source Software、Servicing Stack Updates、SQL Server、Visual Studio、Windows Kernel、Windows Media、Windows RDP以及Windows Shell。

相关信息如下：

产品	CVE 编号	CVE 标题	严重程度
.NET Framework	CVE-2019-1113	.NET Framework 远程代码执行漏洞	Critical
.NET Framework	CVE-2019-1006	WCF/WIF SAML Token Authentication Bypass Vulnerability	Important
.NET Framework	CVE-2019-1083	.NET 拒绝服务漏洞	Important
ASP.NET	CVE-2019-1075	ASP.NET Core 欺骗漏洞	Moderate
Azure	CVE-2019-0962	Azure Automation 特权提升漏洞	Important
Azure DevOps	CVE-2019-1072	Azure DevOps Server and Team Foundation Server 远程代码执行漏洞	Critical
Azure DevOps	CVE-2019-1076	Team Foundation Server Cross-site Scripting Vulnerability	Important
Internet Explorer	CVE-2019-1063	Internet Explorer 内存破坏漏洞	Critical
Microsoft Browsers	CVE-2019-1104	Microsoft Browser 内存破坏漏洞	Critical
Microsoft Exchange Server	CVE-2019-1136	Microsoft Exchange Server 特权提升漏洞	Important
Microsoft Exchange Server	CVE-2019-1137	Microsoft Exchange Server 欺骗漏洞	Important
Microsoft Exchange Server	ADV190021	Outlook on the web 跨站脚本漏洞	Important
Microsoft Graphics Component	CVE-2019-1093	DirectWrite 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1094	Windows GDI 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1095	Windows GDI 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1096	Win32k 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1097	DirectWrite 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1098	Windows GDI 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1100	Windows GDI 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1101	Windows GDI 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1102	GDI+ 远程代码执行漏洞	Critical
Microsoft Graphics Component	CVE-2019-1116	Windows GDI 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1117	DirectWrite 远程代码执行漏洞	Important
Microsoft Graphics Component	CVE-2019-1118	DirectWrite 远程代码执行漏洞	Important
Microsoft Graphics Component	CVE-2019-1119	DirectWrite 远程代码执行漏洞	Important
Microsoft Graphics Component	CVE-2019-1120	DirectWrite 远程代码执行漏洞	Important
Microsoft Graphics Component	CVE-2019-1121	DirectWrite 远程代码执行漏洞	Important
Microsoft Graphics Component	CVE-2019-1122	DirectWrite 远程代码执行漏洞	Important
Microsoft Graphics Component	CVE-2019-1123	DirectWrite 远程代码执行漏洞	Important
Microsoft Graphics Component	CVE-2019-1124	DirectWrite 远程代码执行漏洞	Important
Microsoft Graphics Component	CVE-2019-1127	DirectWrite 远程代码执行漏洞	Important
Microsoft Graphics Component	CVE-2019-1128	DirectWrite 远程代码执行漏洞	Important
Microsoft Graphics Component	CVE-2019-0999	DirectX 特权提升漏洞	Important
Microsoft Office	CVE-2019-1109	Microsoft Office 欺骗漏洞	Important
Microsoft Office	CVE-2019-1110	Microsoft Excel 远程代码执行漏洞	Important
Microsoft Office	CVE-2019-1111	Microsoft Excel 远程代码执行漏洞	Important
Microsoft Office	CVE-2019-1112	Microsoft Excel 信息泄露漏洞	Important
Microsoft Office	CVE-2019-1084	Microsoft Exchange 信息泄露漏洞	Important
Microsoft Office SharePoint	CVE-2019-1134	Microsoft Office SharePoint XSS Vulnerability	Important
Microsoft Scripting Engine	CVE-2019-1056	Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1059	Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1062	Chakra Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1092	Chakra Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1103	Chakra Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1106	Chakra Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1107	Chakra Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1001	Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1004	Scripting Engine 内存破坏漏洞	Critical
Microsoft Windows	CVE-2019-0865	SymCrypt 拒绝服务漏洞	Important
Microsoft Windows	CVE-2019-0887	Remote Desktop Services 远程代码执行漏洞	Important
Microsoft Windows	CVE-2019-0966	Windows Hyper-V 拒绝服务漏洞	Important
Microsoft Windows	CVE-2019-0975	ADFS 安全功能绕过漏洞	Important
Microsoft Windows	CVE-2019-1126	ADFS 安全功能绕过漏洞	Important
Microsoft Windows	CVE-2019-0785	Windows DHCP Server 远程代码执行漏洞	Critical
Microsoft Windows	CVE-2019-0880	Microsoft splwow64 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1037	Windows Error Reporting 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1067	Windows Kernel 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1074	Microsoft Windows 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1082	Microsoft Windows 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1091	Microsoft unistore.dll 信息泄露漏洞	Important
Microsoft Windows	CVE-2019-1129	Windows 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1130	Windows 特权提升漏洞	Important
Microsoft Windows DNS	CVE-2019-0811	Windows DNS Server 拒绝服务漏洞	Important
Microsoft Windows DNS	CVE-2019-1090	Windows dnsrlvr.dll 特权提升漏洞	Important
Open Source Software	CVE-2018-15664	Docker 特权提升漏洞	Important
Servicing Stack Updates	ADV990001	Latest Servicing Stack Updates	Critical
SQL Server	CVE-2019-1068	Microsoft SQL Server 远程代码执行漏洞	Important
Visual Studio	CVE-2019-1077	Visual Studio 特权提升漏洞	Important
Visual Studio	CVE-2019-1079	Visual Studio 信息泄露漏洞	Important
Windows Kernel	CVE-2019-1071	Windows Kernel 信息泄露漏洞	Important
Windows Kernel	CVE-2019-1073	Windows Kernel 信息泄露漏洞	Important
Windows Kernel	CVE-2019-1089	Windows RPCSS 特权提升漏洞	Important
Windows Kernel	CVE-2019-1132	Win32k 特权提升漏洞	Important
Windows Media	CVE-2019-1085	Windows WLAN Service 特权提升漏洞	Important
Windows Media	CVE-2019-1086	Windows Audio Service 特权提升漏洞	Important
Windows Media	CVE-2019-1087	Windows Audio Service 特权提升漏洞	Important
Windows Media	CVE-2019-1088	Windows Audio Service 特权提升漏洞	Important
Windows RDP	CVE-2019-1108	Remote Desktop Protocol Client 信息泄露漏洞	Important
Windows Shell	CVE-2019-1099	Windows GDI 信息泄露漏洞	Important