微软发布4月补丁修复76个安全问题安全威胁通告

微软于周二发布了4月安全更新补丁,修复了76个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及.NET Core、Adobe Flash Player、CSRSS、Microsoft Browsers、Microsoft Edge、Microsoft Exchange Server、Microsoft Graphics Component、Microsoft JET Database Engine、Microsoft Office、Microsoft Office SharePoint、Microsoft Scripting Engine、Microsoft Windows、Microsoft XML、Open Source Software、Servicing Stack Updates、Team Foundation Server、Windows Admin Center、Windows Kernel以及Windows SMB Server。

漏洞介绍

相关信息如下:

产品CVE 编号CVE 标题严重程度
.NET CoreCVE-2019-0815ASP.NET Core 拒绝服务漏洞Important
Adobe Flash PlayerADV190011April 2019 Adobe Flash 安全更新Critical
CSRSSCVE-2019-0735Windows CSRSS 特权提升漏洞Important
Microsoft BrowsersCVE-2019-0764Microsoft Browsers Tampering VulnerabilityLow
Microsoft EdgeCVE-2019-0833Microsoft Edge 信息泄露漏洞Important
Microsoft Exchange ServerCVE-2019-0858Microsoft Exchange 欺骗漏洞Important
Microsoft Exchange ServerCVE-2019-0817Microsoft Exchange 欺骗漏洞Important
Microsoft Graphics ComponentCVE-2019-0802Windows GDI 信息泄露漏洞Important
Microsoft Graphics ComponentCVE-2019-0803Win32k 特权提升漏洞Important
Microsoft Graphics ComponentCVE-2019-0849Windows GDI 信息泄露漏洞Important
Microsoft Graphics ComponentCVE-2019-0853GDI+ 远程代码执行漏洞Critical
Microsoft JET Database EngineCVE-2019-0846Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2019-0847Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2019-0851Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2019-0877Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2019-0879Jet Database Engine 远程代码执行漏洞Important
Microsoft OfficeCVE-2019-0822Microsoft Graphics Components 远程代码执行漏洞Important
Microsoft OfficeCVE-2019-0823Microsoft Office Access Connectivity Engine 远程代码执行漏洞Important
Microsoft OfficeCVE-2019-0824Microsoft Office Access Connectivity Engine 远程代码执行漏洞Important
Microsoft OfficeCVE-2019-0825Microsoft Office Access Connectivity Engine 远程代码执行漏洞Important
Microsoft OfficeCVE-2019-0826Microsoft Office Access Connectivity Engine 远程代码执行漏洞Important
Microsoft OfficeCVE-2019-0827Microsoft Office Access Connectivity Engine 远程代码执行漏洞Important
Microsoft OfficeCVE-2019-0801Office 远程代码执行漏洞Important
Microsoft OfficeCVE-2019-0828Microsoft Excel 远程代码执行漏洞Important
Microsoft Office SharePointCVE-2019-0830Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2019-0831Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Scripting EngineCVE-2019-0739Scripting Engine 内存破坏漏洞Critical
Microsoft Scripting EngineCVE-2019-0812Chakra Scripting Engine 内存破坏漏洞Critical
Microsoft Scripting EngineCVE-2019-0829Chakra Scripting Engine 内存破坏漏洞Critical
Microsoft Scripting EngineCVE-2019-0752Scripting Engine 内存破坏漏洞Important
Microsoft Scripting EngineCVE-2019-0753Scripting Engine 内存破坏漏洞Critical
Microsoft Scripting EngineCVE-2019-0806Chakra Scripting Engine 内存破坏漏洞Critical
Microsoft Scripting EngineCVE-2019-0810Chakra Scripting Engine 内存破坏漏洞Moderate
Microsoft Scripting EngineCVE-2019-0835Microsoft Scripting Engine 信息泄露漏洞Important
Microsoft Scripting EngineCVE-2019-0860Chakra Scripting Engine 内存破坏漏洞Moderate
Microsoft Scripting EngineCVE-2019-0861Chakra Scripting Engine 内存破坏漏洞Critical
Microsoft Scripting EngineCVE-2019-0862Scripting Engine 内存破坏漏洞Important
Microsoft WindowsCVE-2019-0794OLE Automation 远程代码执行漏洞Important
Microsoft WindowsCVE-2019-0805Windows 特权提升漏洞Important
Microsoft WindowsCVE-2019-0838Windows 信息泄露漏洞Important
Microsoft WindowsCVE-2019-0839Windows 信息泄露漏洞Important
Microsoft WindowsCVE-2019-0840Windows Kernel 信息泄露漏洞Important
Microsoft WindowsCVE-2019-0841Windows 特权提升漏洞Important
Microsoft WindowsCVE-2019-0842Windows VBScript Engine 远程代码执行漏洞Important
Microsoft WindowsCVE-2019-0845Windows IOleCvt Interface 远程代码执行漏洞Critical
Microsoft WindowsCVE-2019-0848Win32k 信息泄露漏洞Important
Microsoft WindowsCVE-2019-0685Win32k 特权提升漏洞Important
Microsoft WindowsCVE-2019-0688Windows TCP/IP 信息泄露漏洞Important
Microsoft WindowsCVE-2019-0730Windows 特权提升漏洞Important
Microsoft WindowsCVE-2019-0731Windows 特权提升漏洞Important
Microsoft WindowsCVE-2019-0732Windows 安全功能绕过漏洞Important
Microsoft WindowsCVE-2019-0796Windows 特权提升漏洞Important
Microsoft WindowsCVE-2019-0814Win32k 信息泄露漏洞Important
Microsoft WindowsCVE-2019-0836Windows 特权提升漏洞Important
Microsoft WindowsCVE-2019-0837DirectX 信息泄露漏洞Important
Microsoft XMLCVE-2019-0790MS XML 远程代码执行漏洞Critical
Microsoft XMLCVE-2019-0791MS XML 远程代码执行漏洞Critical
Microsoft XMLCVE-2019-0792MS XML 远程代码执行漏洞Critical
Microsoft XMLCVE-2019-0793MS XML 远程代码执行漏洞Critical
Microsoft XMLCVE-2019-0795MS XML 远程代码执行漏洞Critical
Open Source SoftwareCVE-2019-0876Open Enclave SDK 信息泄露漏洞Important
Servicing Stack UpdatesADV990001Latest Servicing Stack UpdatesCritical
Team Foundation ServerCVE-2019-0857Azure DevOps Server 欺骗漏洞Important
Team Foundation ServerCVE-2019-0866Azure DevOps Server and Team Foundation Server Cross-site Scripting VulnerabilityImportant
Team Foundation ServerCVE-2019-0867Azure DevOps Server and Team Foundation Server Cross-site Scripting VulnerabilityImportant
Team Foundation ServerCVE-2019-0868Azure DevOps Server and Team Foundation Server Cross-site Scripting VulnerabilityImportant
Team Foundation ServerCVE-2019-0869Azure DevOps Server HTML Injection VulnerabilityImportant
Team Foundation ServerCVE-2019-0870Azure DevOps Server and Team Foundation Server Cross-site Scripting VulnerabilityImportant
Team Foundation ServerCVE-2019-0871Azure DevOps Server and Team Foundation Server Cross-site Scripting VulnerabilityImportant
Team Foundation ServerCVE-2019-0874Azure DevOps Server Cross-site Scripting VulnerabilityImportant
Team Foundation ServerCVE-2019-0875Azure DevOps Server 特权提升漏洞Important
Windows Admin CenterCVE-2019-0813Windows Admin Center 特权提升漏洞Important
Windows KernelCVE-2019-0844Windows Kernel 信息泄露漏洞Important
Windows KernelCVE-2019-0856Windows 远程代码执行漏洞Important
Windows KernelCVE-2019-0859Win32k 特权提升漏洞Important
Windows SMB ServerCVE-2019-0786SMB Server 特权提升漏洞Critical

 

修复建议

微软官方已经发布更新补丁,请及时进行补丁更新。

 

附件下载

微软发布4月补丁修复76个安全问题

Spread the word. Share this post!

Meet The Author

Leave Comment