【威胁通告】微软发布12月补丁修复37个安全问题

微软于周二发布了12月安全更新补丁,修复了37个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及Adobe Flash Player、Device Guard、Microsoft Edge、Microsoft Exchange Server、Microsoft Malware Protection Engine、Microsoft Office、Microsoft Scripting Engine以及Microsoft Windows。

相关信息如下(红色部分威胁相对比较高):

产品CVE 编号CVE 标题
Adobe Flash PlayerADV170022December 2017 Flash 安全更新
Device GuardCVE-2017-11899Microsoft Windows 安全功能绕过漏洞
Microsoft EdgeCVE-2017-11888Microsoft Edge 内存破坏漏洞
Microsoft Exchange ServerCVE-2017-11932Microsoft Exchange 欺骗漏洞
Microsoft Exchange ServerADV170023Microsoft Exchange Defense in Depth Update
Microsoft Malware Protection EngineCVE-2017-11937Microsoft Malware Protection Engine 远程代码执行漏洞
Microsoft Malware Protection EngineCVE-2017-11940Microsoft Malware Protection Engine 远程代码执行漏洞
Microsoft OfficeADV170021Microsoft Office Defense in Depth Update
Microsoft OfficeCVE-2017-11934Microsoft PowerPoint 信息泄露漏洞
Microsoft OfficeCVE-2017-11935Microsoft Excel 远程代码执行漏洞
Microsoft OfficeCVE-2017-11936Microsoft SharePoint 特权提升漏洞
Microsoft OfficeCVE-2017-11939Microsoft Office 信息泄露漏洞
Microsoft Scripting EngineCVE-2017-11889Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11890Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11893Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11895Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11901Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11903Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11906Scripting Engine 信息泄露漏洞
Microsoft Scripting EngineCVE-2017-11908Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11909Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11910Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11911Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11912Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11913Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11914Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11918Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11930Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11886Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11887Scripting Engine 信息泄露漏洞
Microsoft Scripting EngineCVE-2017-11894Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11907Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11905Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11916Scripting Engine 内存破坏漏洞
Microsoft Scripting EngineCVE-2017-11919Scripting Engine 信息泄露漏洞
Microsoft WindowsCVE-2017-11885Windows RRAS Service 远程代码执行漏洞
Microsoft WindowsCVE-2017-11927Microsoft Windows 信息泄露漏洞

修复建议

微软官方已经发布更新补丁,请及时进行补丁更新。

附件下载

微软发布12月补丁修复37个安全问题

 

 

Meet The Author

Leave Comment