微软于周二发布了2月安全更新补丁,修复了79个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及.NET Framework、Adobe Flash Player、Azure、Internet Explorer、Microsoft Browsers、Microsoft Edge、Microsoft Exchange Server、Microsoft Graphics Component、Microsoft JET Database Engine、Microsoft Office、Microsoft Office SharePoint、Microsoft Scripting Engine、Microsoft Windows、Servicing Stack Updates、Team Foundation Server、Visual Studio、Windows DHCP Server、Windows Hyper-V、Windows Kernel以及Windows SMB Server。
漏洞列表
相关信息如下:
产品 | CVE 编号 | CVE 标题 | 严重程度 |
.NET Framework | CVE-2019-0657 | .NET Framework and Visual Studio 欺骗漏洞 | Important |
.NET Framework | CVE-2019-0613 | .NET Framework and Visual Studio 远程代码执行漏洞 | Important |
Adobe Flash Player | ADV190003 | February 2019 Adobe Flash 安全更新 | Critical |
Azure | CVE-2019-0729 | Azure IoT Java SDK 特权提升漏洞 | Important |
Azure | CVE-2019-0741 | Azure IoT Java SDK 信息泄露漏洞 | Important |
Internet Explorer | CVE-2019-0606 | Internet Explorer 内存破坏漏洞 | Critical |
Internet Explorer | CVE-2019-0676 | Internet Explorer 信息泄露漏洞 | Important |
Microsoft Browsers | CVE-2019-0654 | Microsoft Browser 欺骗漏洞 | Important |
Microsoft Edge | CVE-2019-0641 | Microsoft Edge 安全功能绕过漏洞 | Moderate |
Microsoft Edge | CVE-2019-0643 | Microsoft Edge 信息泄露漏洞 | Moderate |
Microsoft Edge | CVE-2019-0645 | Microsoft Edge 内存破坏漏洞 | Critical |
Microsoft Edge | CVE-2019-0650 | Microsoft Edge 内存破坏漏洞 | Critical |
Microsoft Edge | CVE-2019-0634 | Microsoft Edge 内存破坏漏洞 | Moderate |
Microsoft Exchange Server | ADV190004 | February 2019 Oracle Outside In Library 安全更新 | Unknown |
Microsoft Exchange Server | CVE-2019-0686 | Microsoft Exchange Server 特权提升漏洞 | Important |
Microsoft Exchange Server | CVE-2019-0724 | Microsoft Exchange Server 特权提升漏洞 | Important |
Microsoft Exchange Server | ADV190007 | Guidance for “PrivExchange” 特权提升漏洞 | Unknown |
Microsoft Graphics Component | CVE-2019-0660 | Windows GDI 信息泄露漏洞 | Important |
Microsoft Graphics Component | CVE-2019-0662 | GDI+ 远程代码执行漏洞 | Critical |
Microsoft Graphics Component | CVE-2019-0664 | Windows GDI 信息泄露漏洞 | Important |
Microsoft Graphics Component | CVE-2019-0602 | Windows GDI 信息泄露漏洞 | Important |
Microsoft Graphics Component | CVE-2019-0615 | Windows GDI 信息泄露漏洞 | Important |
Microsoft Graphics Component | CVE-2019-0616 | Windows GDI 信息泄露漏洞 | Important |
Microsoft Graphics Component | CVE-2019-0618 | GDI+ 远程代码执行漏洞 | Critical |
Microsoft Graphics Component | CVE-2019-0619 | Windows GDI 信息泄露漏洞 | Important |
Microsoft JET Database Engine | CVE-2019-0625 | Jet Database Engine 远程代码执行漏洞 | Important |
Microsoft JET Database Engine | CVE-2019-0595 | Jet Database Engine 远程代码执行漏洞 | Important |
Microsoft JET Database Engine | CVE-2019-0596 | Jet Database Engine 远程代码执行漏洞 | Important |
Microsoft JET Database Engine | CVE-2019-0597 | Jet Database Engine 远程代码执行漏洞 | Important |
Microsoft JET Database Engine | CVE-2019-0598 | Jet Database Engine 远程代码执行漏洞 | Important |
Microsoft JET Database Engine | CVE-2019-0599 | Jet Database Engine 远程代码执行漏洞 | Important |
Microsoft Office | CVE-2019-0540 | Microsoft Office 安全功能绕过漏洞 | Important |
Microsoft Office | CVE-2019-0671 | Microsoft Office Access Connectivity Engine 远程代码执行漏洞 | Important |
Microsoft Office | CVE-2019-0672 | Microsoft Office Access Connectivity Engine 远程代码执行漏洞 | Important |
Microsoft Office | CVE-2019-0673 | Microsoft Office Access Connectivity Engine 远程代码执行漏洞 | Important |
Microsoft Office | CVE-2019-0674 | Microsoft Office Access Connectivity Engine 远程代码执行漏洞 | Important |
Microsoft Office | CVE-2019-0675 | Microsoft Office Access Connectivity Engine 远程代码执行漏洞 | Important |
Microsoft Office | CVE-2019-0669 | Microsoft Excel 信息泄露漏洞 | Important |
Microsoft Office SharePoint | CVE-2019-0668 | Microsoft SharePoint 特权提升漏洞 | Important |
Microsoft Office SharePoint | CVE-2019-0670 | Microsoft SharePoint 欺骗漏洞 | Moderate |
Microsoft Office SharePoint | CVE-2019-0594 | Microsoft SharePoint 远程代码执行漏洞 | Critical |
Microsoft Office SharePoint | CVE-2019-0604 | Microsoft SharePoint 远程代码执行漏洞 | Critical |
Microsoft Scripting Engine | CVE-2019-0607 | Scripting Engine 内存破坏漏洞 | Critical |
Microsoft Scripting Engine | CVE-2019-0610 | Scripting Engine 内存破坏漏洞 | Important |
Microsoft Scripting Engine | CVE-2019-0640 | Scripting Engine 内存破坏漏洞 | Critical |
Microsoft Scripting Engine | CVE-2019-0642 | Scripting Engine 内存破坏漏洞 | Critical |
Microsoft Scripting Engine | CVE-2019-0644 | Scripting Engine 内存破坏漏洞 | Moderate |
Microsoft Scripting Engine | CVE-2019-0648 | Scripting Engine 信息泄露漏洞 | Important |
Microsoft Scripting Engine | CVE-2019-0649 | Scripting Engine Elevation of Privileged Vulnerability | Important |
Microsoft Scripting Engine | CVE-2019-0651 | Scripting Engine 内存破坏漏洞 | Critical |
Microsoft Scripting Engine | CVE-2019-0652 | Scripting Engine 内存破坏漏洞 | Critical |
Microsoft Scripting Engine | CVE-2019-0655 | Scripting Engine 内存破坏漏洞 | Moderate |
Microsoft Scripting Engine | CVE-2019-0658 | Scripting Engine 信息泄露漏洞 | Important |
Microsoft Scripting Engine | CVE-2019-0590 | Scripting Engine 内存破坏漏洞 | Critical |
Microsoft Scripting Engine | CVE-2019-0591 | Scripting Engine 内存破坏漏洞 | Critical |
Microsoft Scripting Engine | CVE-2019-0593 | Scripting Engine 内存破坏漏洞 | Critical |
Microsoft Scripting Engine | CVE-2019-0605 | Scripting Engine 内存破坏漏洞 | Moderate |
Microsoft Windows | CVE-2019-0659 | Windows Storage Service 特权提升漏洞 | Important |
Microsoft Windows | CVE-2019-0600 | HID 信息泄露漏洞 | Important |
Microsoft Windows | CVE-2019-0601 | HID 信息泄露漏洞 | Important |
Microsoft Windows | CVE-2019-0627 | Windows 安全功能绕过漏洞 | Important |
Microsoft Windows | CVE-2019-0631 | Windows 安全功能绕过漏洞 | Important |
Microsoft Windows | CVE-2019-0632 | Windows 安全功能绕过漏洞 | Important |
Microsoft Windows | CVE-2019-0636 | Windows 信息泄露漏洞 | Important |
Microsoft Windows | CVE-2019-0637 | Windows Defender Firewall 安全功能绕过漏洞 | Important |
Microsoft Windows | ADV190006 | Guidance to mitigate unconstrained delegation vulnerabilities | Unknown |
Servicing Stack Updates | ADV990001 | Latest Servicing Stack Updates | Critical |
Team Foundation Server | CVE-2019-0743 | Team Foundation Server Cross-site Scripting Vulnerability | Important |
Team Foundation Server | CVE-2019-0742 | Team Foundation Server Cross-site Scripting Vulnerability | Important |
Visual Studio | CVE-2019-0728 | Visual Studio Code 远程代码执行漏洞 | Important |
Windows DHCP Server | CVE-2019-0626 | Windows DHCP Server 远程代码执行漏洞 | Critical |
Windows Hyper-V | CVE-2019-0635 | Windows Hyper-V 信息泄露漏洞 | Important |
Windows Kernel | CVE-2019-0623 | Win32k 特权提升漏洞 | Important |
Windows Kernel | CVE-2019-0628 | Win32k 信息泄露漏洞 | Important |
Windows Kernel | CVE-2019-0656 | Windows Kernel 特权提升漏洞 | Important |
Windows Kernel | CVE-2019-0661 | Windows Kernel 信息泄露漏洞 | Important |
Windows Kernel | CVE-2019-0621 | Windows Kernel 信息泄露漏洞 | Important |
Windows SMB Server | CVE-2019-0630 | Windows SMB 远程代码执行漏洞 | Important |
Windows SMB Server | CVE-2019-0633 | Windows SMB 远程代码执行漏洞 | Important |
修复建议
微软官方已经发布更新补丁,请及时进行补丁更新。
附件下载