微软于周二发布了1月安全更新补丁,修复了51个从简单的欺骗攻击到远程执行代码的安全问题。
产品涉及.NET Framework、Adobe Flash Player、Android App、ASP.NET、Internet Explorer、Microsoft Edge、Microsoft Exchange Server、Microsoft JET Database Engine、Microsoft Office、Microsoft Office SharePoint、Microsoft Scripting Engine、Microsoft Windows、Microsoft XML、Servicing Stack Updates、Visual Studio、Windows COM、Windows DHCP Client、Windows Hyper-V、Windows Kernel以及Windows Subsystem for Linux。
漏洞简介
相关信息如下:
产品 |
CVE 编号 |
CVE 标题 |
严重程度 |
.NET Framework |
CVE-2019-0545 |
.NET Framework 信息泄露漏洞 |
Important |
Adobe Flash Player |
ADV190001 |
January 2019 Adobe Flash Update |
Unknown |
Android App |
CVE-2019-0622 |
Skype for Android 特权提升漏洞 |
Moderate |
ASP.NET |
CVE-2019-0548 |
ASP.NET Core 拒绝服务漏洞 |
Important |
ASP.NET |
CVE-2019-0564 |
ASP.NET Core 拒绝服务漏洞 |
Important |
Internet Explorer |
CVE-2019-0541 |
MSHTML Engine 远程代码执行漏洞 |
Important |
Microsoft Edge |
CVE-2019-0565 |
Microsoft Edge 内存破坏漏洞 |
Critical |
Microsoft Edge |
CVE-2019-0566 |
Microsoft Edge 特权提升漏洞 |
Important |
Microsoft Exchange Server |
CVE-2019-0586 |
Microsoft Exchange 内存破坏漏洞 |
Important |
Microsoft Exchange Server |
CVE-2019-0588 |
Microsoft Exchange 信息泄露漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0538 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0575 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0576 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0577 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0578 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0579 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0580 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0581 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0582 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0583 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0584 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft Office |
CVE-2019-0585 |
Microsoft Word 远程代码执行漏洞 |
Important |
Microsoft Office |
CVE-2019-0559 |
Microsoft Outlook 信息泄露漏洞 |
Important |
Microsoft Office |
CVE-2019-0560 |
Microsoft Office 信息泄露漏洞 |
Important |
Microsoft Office |
CVE-2019-0561 |
Microsoft Word 信息泄露漏洞 |
Important |
Microsoft Office SharePoint |
CVE-2019-0556 |
Microsoft Office SharePoint XSS Vulnerability |
Important |
Microsoft Office SharePoint |
CVE-2019-0557 |
Microsoft Office SharePoint XSS Vulnerability |
Important |
Microsoft Office SharePoint |
CVE-2019-0558 |
Microsoft Office SharePoint XSS Vulnerability |
Important |
Microsoft Office SharePoint |
CVE-2019-0562 |
Microsoft SharePoint 特权提升漏洞 |
Important |
Microsoft Scripting Engine |
CVE-2019-0539 |
Chakra Scripting Engine 内存破坏漏洞 |
Critical |
Microsoft Scripting Engine |
CVE-2019-0567 |
Chakra Scripting Engine 内存破坏漏洞 |
Critical |
Microsoft Scripting Engine |
CVE-2019-0568 |
Chakra Scripting Engine 内存破坏漏洞 |
Critical |
Microsoft Windows |
CVE-2019-0543 |
Microsoft Windows 特权提升漏洞 |
Important |
Microsoft Windows |
CVE-2019-0570 |
Windows Runtime 特权提升漏洞 |
Important |
Microsoft Windows |
CVE-2019-0571 |
Windows Data Sharing Service 特权提升漏洞 |
Important |
Microsoft Windows |
CVE-2019-0572 |
Windows Data Sharing Service 特权提升漏洞 |
Important |
Microsoft Windows |
CVE-2019-0573 |
Windows Data Sharing Service 特权提升漏洞 |
Important |
Microsoft Windows |
CVE-2019-0574 |
Windows Data Sharing Service 特权提升漏洞 |
Important |
Microsoft XML |
CVE-2019-0555 |
Microsoft XmlDocument 特权提升漏洞 |
Important |
Servicing Stack Updates |
ADV990001 |
Latest Servicing Stack Updates |
Critical |
Visual Studio |
CVE-2019-0537 |
Microsoft Visual Studio 信息泄露漏洞 |
Important |
Visual Studio |
CVE-2019-0546 |
Visual Studio 远程代码执行漏洞 |
Moderate |
Windows COM |
CVE-2019-0552 |
Windows COM 特权提升漏洞 |
Important |
Windows DHCP Client |
CVE-2019-0547 |
Windows DHCP Client 远程代码执行漏洞 |
Critical |
Windows Hyper-V |
CVE-2019-0550 |
Windows Hyper-V 远程代码执行漏洞 |
Critical |
Windows Hyper-V |
CVE-2019-0551 |
Windows Hyper-V 远程代码执行漏洞 |
Critical |
Windows Kernel |
CVE-2019-0536 |
Windows Kernel 信息泄露漏洞 |
Important |
Windows Kernel |
CVE-2019-0549 |
Windows Kernel 信息泄露漏洞 |
Important |
Windows Kernel |
CVE-2019-0554 |
Windows Kernel 信息泄露漏洞 |
Important |
Windows Kernel |
CVE-2019-0569 |
Windows Kernel 信息泄露漏洞 |
Important |
Windows Subsystem for Linux |
CVE-2019-0553 |
Windows Subsystem for Linux 信息泄露漏洞 |
Important |
修复建议
微软官方已经发布更新补丁,请及时进行补丁更新。
附录