微软发布9月补丁修复81个安全问题

综述

  微软于周二发布了9月安全更新补丁,修复了81个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及.NET Core、.NET Framework、Active Directory、Adobe Flash Player、ASP.NET、Common Log File System Driver、Microsoft Browsers、Microsoft Edge、Microsoft Exchange Server、Microsoft Graphics Component、Microsoft JET Database Engine、Microsoft Office、Microsoft Office SharePoint、Microsoft Scripting Engine、Microsoft Windows、Microsoft Yammer、Project Rome、Servicing Stack Updates、Skype for Business and Microsoft Lync、Team Foundation Server、Visual Studio、Windows Hyper-V、Windows Kernel以及Windows RDP。

相关信息如下:

产品CVE 编号CVE 标题严重程度
.NET CoreCVE-2019-1301.NET Core 拒绝服务漏洞Important
.NET FrameworkCVE-2019-1142.NET Framework 特权提升漏洞Important
Active DirectoryCVE-2019-1273Active Directory Federation Services XSS VulnerabilityImportant
Adobe Flash PlayerADV190022September 2019 Adobe Flash 安全更新Critical
ASP.NETCVE-2019-1302ASP.NET Core Elevation Of Privilege VulnerabilityImportant
Common Log File System DriverCVE-2019-1214Windows Common Log File System Driver 特权提升漏洞Important
Common Log File System DriverCVE-2019-1282Windows Common Log File System Driver 信息泄露漏洞Important
Microsoft BrowsersCVE-2019-1220Microsoft Browser 安全功能绕过漏洞Important
Microsoft EdgeCVE-2019-1299Microsoft Edge based on Edge HTML 信息泄露漏洞Important
Microsoft Exchange ServerCVE-2019-1233Microsoft Exchange 拒绝服务漏洞Important
Microsoft Exchange ServerCVE-2019-1266Microsoft Exchange 欺骗漏洞Important
Microsoft Graphics ComponentCVE-2019-1216DirectX 信息泄露漏洞Important
Microsoft Graphics ComponentCVE-2019-1244DirectWrite 信息泄露漏洞Important
Microsoft Graphics ComponentCVE-2019-1245DirectWrite 信息泄露漏洞Important
Microsoft Graphics ComponentCVE-2019-1251DirectWrite 信息泄露漏洞Important
Microsoft Graphics ComponentCVE-2019-1252Windows GDI 信息泄露漏洞Important
Microsoft Graphics ComponentCVE-2019-1283Microsoft Graphics Components 信息泄露漏洞Important
Microsoft Graphics ComponentCVE-2019-1284DirectX 特权提升漏洞Important
Microsoft Graphics ComponentCVE-2019-1286Windows GDI 信息泄露漏洞Important
Microsoft JET Database EngineCVE-2019-1240Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2019-1241Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2019-1242Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2019-1243Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2019-1246Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2019-1247Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2019-1248Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2019-1249Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2019-1250Jet Database Engine 远程代码执行漏洞Important
Microsoft OfficeCVE-2019-1297Microsoft Excel 远程代码执行漏洞Important
Microsoft OfficeCVE-2019-1263Microsoft Excel 信息泄露漏洞Important
Microsoft OfficeCVE-2019-1264Microsoft Office 安全功能绕过漏洞Important
Microsoft Office SharePointCVE-2019-1257Microsoft SharePoint 远程代码执行漏洞Critical
Microsoft Office SharePointCVE-2019-1259Microsoft SharePoint 欺骗漏洞Moderate
Microsoft Office SharePointCVE-2019-1260Microsoft SharePoint 特权提升漏洞Important
Microsoft Office SharePointCVE-2019-1261Microsoft SharePoint 欺骗漏洞Important
Microsoft Office SharePointCVE-2019-1262Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2019-1295Microsoft SharePoint 远程代码执行漏洞Critical
Microsoft Office SharePointCVE-2019-1296Microsoft SharePoint 远程代码执行漏洞Critical
Microsoft Scripting EngineCVE-2019-1138Chakra Scripting Engine 内存破坏漏洞Moderate
Microsoft Scripting EngineCVE-2019-1208VBScript 远程代码执行漏洞Critical
Microsoft Scripting EngineCVE-2019-1217Chakra Scripting Engine 内存破坏漏洞Critical
Microsoft Scripting EngineCVE-2019-1221Scripting Engine 内存破坏漏洞Critical
Microsoft Scripting EngineCVE-2019-1236VBScript 远程代码执行漏洞Critical
Microsoft Scripting EngineCVE-2019-1237Chakra Scripting Engine 内存破坏漏洞Critical
Microsoft Scripting EngineCVE-2019-1298Chakra Scripting Engine 内存破坏漏洞Moderate
Microsoft Scripting EngineCVE-2019-1300Chakra Scripting Engine 内存破坏漏洞Critical
Microsoft WindowsCVE-2019-1215Windows 特权提升漏洞Important
Microsoft WindowsCVE-2019-1219Windows Transaction Manager 信息泄露漏洞Important
Microsoft WindowsCVE-2019-1267Microsoft Compatibility Appraiser 特权提升漏洞Important
Microsoft WindowsCVE-2019-1268Winlogon 特权提升漏洞Important
Microsoft WindowsCVE-2019-1269Windows ALPC 特权提升漏洞Important
Microsoft WindowsCVE-2019-1270Microsoft Windows Store Installer 特权提升漏洞Important
Microsoft WindowsCVE-2019-1271Windows Media 特权提升漏洞Important
Microsoft WindowsCVE-2019-1272Windows ALPC 特权提升漏洞Important
Microsoft WindowsCVE-2019-1235Windows Text Service Framework 特权提升漏洞Important
Microsoft WindowsCVE-2019-1253Windows 特权提升漏洞Important
Microsoft WindowsCVE-2019-1277Windows Audio Service 特权提升漏洞Important
Microsoft WindowsCVE-2019-1278Windows 特权提升漏洞Important
Microsoft WindowsCVE-2019-1280LNK 远程代码执行漏洞Critical
Microsoft WindowsCVE-2019-1287Windows Network Connectivity Assistant 特权提升漏洞Important
Microsoft WindowsCVE-2019-1289Windows Update Delivery Optimization 特权提升漏洞Important
Microsoft WindowsCVE-2019-1292Windows 拒绝服务漏洞Important
Microsoft WindowsCVE-2019-1294Windows Secure Boot 安全功能绕过漏洞Important
Microsoft WindowsCVE-2019-1303Windows 特权提升漏洞Important
Microsoft YammerCVE-2019-1265Microsoft Yammer 安全功能绕过漏洞Important
Project RomeCVE-2019-1231Rome SDK 信息泄露漏洞Important
Servicing Stack UpdatesADV990001Latest Servicing Stack UpdatesCritical
Skype for Business and Microsoft LyncCVE-2019-1209Lync 2013 信息泄露漏洞Important
Team Foundation ServerCVE-2019-1305Team Foundation Server Cross-site Scripting VulnerabilityImportant
Team Foundation ServerCVE-2019-1306Azure DevOps and Team Foundation Server 远程代码执行漏洞Critical
Visual StudioCVE-2019-1232Diagnostics Hub Standard Collector Service 特权提升漏洞Important
Windows Hyper-VCVE-2019-0928Windows Hyper-V 拒绝服务漏洞Important
Windows Hyper-VCVE-2019-1254Windows Hyper-V 信息泄露漏洞Important
Windows KernelCVE-2019-1274Windows Kernel 信息泄露漏洞Important
Windows KernelCVE-2019-1256Win32k 特权提升漏洞Important
Windows KernelCVE-2019-1285Win32k 特权提升漏洞Important
Windows KernelCVE-2019-1293Windows SMB Client Driver 信息泄露漏洞Important
Windows RDPCVE-2019-0787Remote Desktop Client 远程代码执行漏洞Critical
Windows RDPCVE-2019-0788Remote Desktop Client 远程代码执行漏洞Critical
Windows RDPCVE-2019-1290Remote Desktop Client 远程代码执行漏洞Critical
Windows RDPCVE-2019-1291Remote Desktop Client 远程代码执行漏洞Critical

修复建议

微软官方已经发布更新补丁,请及时进行补丁更新。


发表评论

评论已关闭。

相关文章