【威胁通告】微软发布3月补丁修复68个安全问题

微软于周二发布了3月安全更新补丁,修复了68个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及Active Directory、Adobe Flash Player、Azure、Internet Explorer、Microsoft Browsers、Microsoft Edge、Microsoft Graphics Component、Microsoft JET Database Engine、Microsoft Office、Microsoft Office SharePoint、Microsoft Scripting Engine、Microsoft Windows、Microsoft XML、NuGet、Servicing Stack Updates、Skype for Business、Team Foundation Server、Visual Studio、Windows DHCP Client、Windows Hyper-V、Windows Kernel、Windows Kernel-Mode Drivers、Windows Print Spooler Components、Windows SMB Server以及Windows Subsystem for Linux。

漏洞列表

相关信息如下:

产品 CVE 编号 CVE 标题 严重程度
Active Directory CVE-2019-0683 Active Directory 特权提升漏洞 Important
Adobe Flash Player ADV190008 March 2019 Adobe Flash 安全更新 Low
Azure CVE-2019-0816 Azure SSH Keypairs 安全功能绕过漏洞 Moderate
Internet Explorer CVE-2019-0761 Internet Explorer 安全功能绕过漏洞 Low
Internet Explorer CVE-2019-0763 Internet Explorer 内存破坏漏洞 Moderate
Internet Explorer CVE-2019-0768 Internet Explorer 安全功能绕过漏洞 Important
Microsoft Browsers CVE-2019-0762 Microsoft Browsers 安全功能绕过漏洞 Low
Microsoft Browsers CVE-2019-0780 Microsoft Browser 内存破坏漏洞 Important
Microsoft Edge CVE-2019-0612 Microsoft Edge 安全功能绕过漏洞 Important
Microsoft Edge CVE-2019-0678 Microsoft Edge 特权提升漏洞 Important
Microsoft Edge CVE-2019-0779 Microsoft Edge 内存破坏漏洞 Important
Microsoft Graphics Component CVE-2019-0774 Windows GDI 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-0797 Win32k 特权提升漏洞 Important
Microsoft Graphics Component CVE-2019-0808 Win32k 特权提升漏洞 Important
Microsoft Graphics Component CVE-2019-0614 Windows GDI 信息泄露漏洞 Important
Microsoft JET Database Engine CVE-2019-0617 Jet Database Engine 远程代码执行漏洞 Important
Microsoft Office CVE-2019-0748 Microsoft Office Access Connectivity Engine 远程代码执行漏洞 Important
Microsoft Office SharePoint CVE-2019-0778 Microsoft Office SharePoint XSS Vulnerability Important
Microsoft Scripting Engine CVE-2019-0609 Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-0611 Chakra Scripting Engine 内存破坏漏洞 Low
Microsoft Scripting Engine CVE-2019-0639 Scripting Engine 内存破坏漏洞 Moderate
Microsoft Scripting Engine CVE-2019-0746 Chakra Scripting Engine 内存破坏漏洞 Important
Microsoft Scripting Engine CVE-2019-0769 Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-0770 Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-0771 Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-0772 Windows VBScript Engine 远程代码执行漏洞 Important
Microsoft Scripting Engine CVE-2019-0773 Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-0783 Scripting Engine 内存破坏漏洞 Important
Microsoft Scripting Engine CVE-2019-0592 Chakra Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-0665 Windows VBScript Engine 远程代码执行漏洞 Important
Microsoft Scripting Engine CVE-2019-0666 Windows VBScript Engine 远程代码执行漏洞 Critical
Microsoft Scripting Engine CVE-2019-0667 Windows VBScript Engine 远程代码执行漏洞 Critical
Microsoft Scripting Engine CVE-2019-0680 Scripting Engine 内存破坏漏洞 Critical
Microsoft Windows CVE-2019-0754 Windows 拒绝服务漏洞 Important
Microsoft Windows CVE-2019-0765 Comctl32 远程代码执行漏洞 Important
Microsoft Windows CVE-2019-0766 Microsoft Windows 特权提升漏洞 Important
Microsoft Windows CVE-2019-0784 Windows ActiveX 远程代码执行漏洞 Critical
Microsoft Windows ADV190009 SHA-2 Code Sign Support Advisory Unknown
Microsoft Windows ADV190010 Best Practices Regarding Sharing of a Single User Account Across Multiple Users Unknown
Microsoft Windows CVE-2019-0603 Windows Deployment Services TFTP Server 远程代码执行漏洞 Critical
Microsoft XML CVE-2019-0756 MS XML 远程代码执行漏洞 Critical
NuGet CVE-2019-0757 NuGet Package Manager Tampering Vulnerability Important
Servicing Stack Updates ADV990001 Latest Servicing Stack Updates Critical
Skype for Business CVE-2019-0798 Skype for Business and Lync 欺骗漏洞 Important
Team Foundation Server CVE-2019-0777 Team Foundation Server Cross-site Scripting Vulnerability Low
Visual Studio CVE-2019-0809 Visual Studio 远程代码执行漏洞 Important
Windows DHCP Client CVE-2019-0697 Windows DHCP Client 远程代码执行漏洞 Critical
Windows DHCP Client CVE-2019-0698 Windows DHCP Client 远程代码执行漏洞 Critical
Windows DHCP Client CVE-2019-0726 Windows DHCP Client 远程代码执行漏洞 Critical
Windows Hyper-V CVE-2019-0690 Windows Hyper-V 拒绝服务漏洞 Important
Windows Hyper-V CVE-2019-0695 Windows Hyper-V 拒绝服务漏洞 Important
Windows Hyper-V CVE-2019-0701 Windows Hyper-V 拒绝服务漏洞 Important
Windows Kernel CVE-2019-0755 Windows Kernel 信息泄露漏洞 Important
Windows Kernel CVE-2019-0767 Windows Kernel 信息泄露漏洞 Important
Windows Kernel CVE-2019-0775 Windows Kernel 信息泄露漏洞 Important
Windows Kernel CVE-2019-0782 Windows Kernel 信息泄露漏洞 Important
Windows Kernel CVE-2019-0696 Windows Kernel 特权提升漏洞 Important
Windows Kernel CVE-2019-0702 Windows Kernel 信息泄露漏洞 Important
Windows Kernel-Mode Drivers CVE-2019-0776 Win32k 信息泄露漏洞 Important
Windows Print Spooler Components CVE-2019-0759 Windows Print Spooler 信息泄露漏洞 Important
Windows SMB Server CVE-2019-0703 Windows SMB 信息泄露漏洞 Important
Windows SMB Server CVE-2019-0704 Windows SMB 信息泄露漏洞 Important
Windows SMB Server CVE-2019-0821 Windows SMB 信息泄露漏洞 Important
Windows Subsystem for Linux CVE-2019-0682 Windows Subsystem for Linux 特权提升漏洞 Important
Windows Subsystem for Linux CVE-2019-0689 Windows Subsystem for Linux 特权提升漏洞 Important
Windows Subsystem for Linux CVE-2019-0692 Windows Subsystem for Linux 特权提升漏洞 Important
Windows Subsystem for Linux CVE-2019-0693 Windows Subsystem for Linux 特权提升漏洞 Important
Windows Subsystem for Linux CVE-2019-0694 Windows Subsystem for Linux 特权提升漏洞 Important

 

修复建议

微软官方已经发布更新补丁,请及时进行补丁更新。

 

附件下载

微软发布3月补丁修复68个安全问题

Spread the word. Share this post!

Meet The Author

Leave Comment