【威胁通告】微软发布3月补丁修复68个安全问题

微软于周二发布了3月安全更新补丁，修复了68个从简单的欺骗攻击到远程执行代码的安全问题，产品涉及Active Directory、Adobe Flash Player、Azure、Internet Explorer、Microsoft Browsers、Microsoft Edge、Microsoft Graphics Component、Microsoft JET Database Engine、Microsoft Office、Microsoft Office SharePoint、Microsoft Scripting Engine、Microsoft Windows、Microsoft XML、NuGet、Servicing Stack Updates、Skype for Business、Team Foundation Server、Visual Studio、Windows DHCP Client、Windows Hyper-V、Windows Kernel、Windows Kernel-Mode Drivers、Windows Print Spooler Components、Windows SMB Server以及Windows Subsystem for Linux。

漏洞列表

相关信息如下：

产品	CVE 编号	CVE 标题	严重程度
Active Directory	CVE-2019-0683	Active Directory 特权提升漏洞	Important
Adobe Flash Player	ADV190008	March 2019 Adobe Flash 安全更新	Low
Azure	CVE-2019-0816	Azure SSH Keypairs 安全功能绕过漏洞	Moderate
Internet Explorer	CVE-2019-0761	Internet Explorer 安全功能绕过漏洞	Low
Internet Explorer	CVE-2019-0763	Internet Explorer 内存破坏漏洞	Moderate
Internet Explorer	CVE-2019-0768	Internet Explorer 安全功能绕过漏洞	Important
Microsoft Browsers	CVE-2019-0762	Microsoft Browsers 安全功能绕过漏洞	Low
Microsoft Browsers	CVE-2019-0780	Microsoft Browser 内存破坏漏洞	Important
Microsoft Edge	CVE-2019-0612	Microsoft Edge 安全功能绕过漏洞	Important
Microsoft Edge	CVE-2019-0678	Microsoft Edge 特权提升漏洞	Important
Microsoft Edge	CVE-2019-0779	Microsoft Edge 内存破坏漏洞	Important
Microsoft Graphics Component	CVE-2019-0774	Windows GDI 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-0797	Win32k 特权提升漏洞	Important
Microsoft Graphics Component	CVE-2019-0808	Win32k 特权提升漏洞	Important
Microsoft Graphics Component	CVE-2019-0614	Windows GDI 信息泄露漏洞	Important
Microsoft JET Database Engine	CVE-2019-0617	Jet Database Engine 远程代码执行漏洞	Important
Microsoft Office	CVE-2019-0748	Microsoft Office Access Connectivity Engine 远程代码执行漏洞	Important
Microsoft Office SharePoint	CVE-2019-0778	Microsoft Office SharePoint XSS Vulnerability	Important
Microsoft Scripting Engine	CVE-2019-0609	Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-0611	Chakra Scripting Engine 内存破坏漏洞	Low
Microsoft Scripting Engine	CVE-2019-0639	Scripting Engine 内存破坏漏洞	Moderate
Microsoft Scripting Engine	CVE-2019-0746	Chakra Scripting Engine 内存破坏漏洞	Important
Microsoft Scripting Engine	CVE-2019-0769	Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-0770	Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-0771	Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-0772	Windows VBScript Engine 远程代码执行漏洞	Important
Microsoft Scripting Engine	CVE-2019-0773	Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-0783	Scripting Engine 内存破坏漏洞	Important
Microsoft Scripting Engine	CVE-2019-0592	Chakra Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-0665	Windows VBScript Engine 远程代码执行漏洞	Important
Microsoft Scripting Engine	CVE-2019-0666	Windows VBScript Engine 远程代码执行漏洞	Critical
Microsoft Scripting Engine	CVE-2019-0667	Windows VBScript Engine 远程代码执行漏洞	Critical
Microsoft Scripting Engine	CVE-2019-0680	Scripting Engine 内存破坏漏洞	Critical
Microsoft Windows	CVE-2019-0754	Windows 拒绝服务漏洞	Important
Microsoft Windows	CVE-2019-0765	Comctl32 远程代码执行漏洞	Important
Microsoft Windows	CVE-2019-0766	Microsoft Windows 特权提升漏洞	Important
Microsoft Windows	CVE-2019-0784	Windows ActiveX 远程代码执行漏洞	Critical
Microsoft Windows	ADV190009	SHA-2 Code Sign Support Advisory	Unknown
Microsoft Windows	ADV190010	Best Practices Regarding Sharing of a Single User Account Across Multiple Users	Unknown
Microsoft Windows	CVE-2019-0603	Windows Deployment Services TFTP Server 远程代码执行漏洞	Critical
Microsoft XML	CVE-2019-0756	MS XML 远程代码执行漏洞	Critical
NuGet	CVE-2019-0757	NuGet Package Manager Tampering Vulnerability	Important
Servicing Stack Updates	ADV990001	Latest Servicing Stack Updates	Critical
Skype for Business	CVE-2019-0798	Skype for Business and Lync 欺骗漏洞	Important
Team Foundation Server	CVE-2019-0777	Team Foundation Server Cross-site Scripting Vulnerability	Low
Visual Studio	CVE-2019-0809	Visual Studio 远程代码执行漏洞	Important
Windows DHCP Client	CVE-2019-0697	Windows DHCP Client 远程代码执行漏洞	Critical
Windows DHCP Client	CVE-2019-0698	Windows DHCP Client 远程代码执行漏洞	Critical
Windows DHCP Client	CVE-2019-0726	Windows DHCP Client 远程代码执行漏洞	Critical
Windows Hyper-V	CVE-2019-0690	Windows Hyper-V 拒绝服务漏洞	Important
Windows Hyper-V	CVE-2019-0695	Windows Hyper-V 拒绝服务漏洞	Important
Windows Hyper-V	CVE-2019-0701	Windows Hyper-V 拒绝服务漏洞	Important
Windows Kernel	CVE-2019-0755	Windows Kernel 信息泄露漏洞	Important
Windows Kernel	CVE-2019-0767	Windows Kernel 信息泄露漏洞	Important
Windows Kernel	CVE-2019-0775	Windows Kernel 信息泄露漏洞	Important
Windows Kernel	CVE-2019-0782	Windows Kernel 信息泄露漏洞	Important
Windows Kernel	CVE-2019-0696	Windows Kernel 特权提升漏洞	Important
Windows Kernel	CVE-2019-0702	Windows Kernel 信息泄露漏洞	Important
Windows Kernel-Mode Drivers	CVE-2019-0776	Win32k 信息泄露漏洞	Important
Windows Print Spooler Components	CVE-2019-0759	Windows Print Spooler 信息泄露漏洞	Important
Windows SMB Server	CVE-2019-0703	Windows SMB 信息泄露漏洞	Important
Windows SMB Server	CVE-2019-0704	Windows SMB 信息泄露漏洞	Important
Windows SMB Server	CVE-2019-0821	Windows SMB 信息泄露漏洞	Important
Windows Subsystem for Linux	CVE-2019-0682	Windows Subsystem for Linux 特权提升漏洞	Important
Windows Subsystem for Linux	CVE-2019-0689	Windows Subsystem for Linux 特权提升漏洞	Important
Windows Subsystem for Linux	CVE-2019-0692	Windows Subsystem for Linux 特权提升漏洞	Important
Windows Subsystem for Linux	CVE-2019-0693	Windows Subsystem for Linux 特权提升漏洞	Important
Windows Subsystem for Linux	CVE-2019-0694	Windows Subsystem for Linux 特权提升漏洞	Important

 

修复建议

微软官方已经发布更新补丁，请及时进行补丁更新。

 

附件下载

微软发布3月补丁修复68个安全问题