【威胁通告】微软发布10月补丁修复61个安全问题

微软于周二发布了10月安全更新补丁,修复了61个从简单的欺骗攻击到远程执行代码的安全问题

综述

微软于周二发布了10月安全更新补丁,修复了61个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及Azure、Internet Explorer、Microsoft Browsers、Microsoft Devices、Microsoft Dynamics、Microsoft Edge、Microsoft Graphics Component、Microsoft JET Database Engine、Microsoft Office、Microsoft Office SharePoint、Microsoft Scripting Engine、Microsoft Windows、Open Source Software、Secure Boot、Servicing Stack Updates、SQL Server、Windows Hyper-V、Windows IIS、Windows Installer、Windows Kernel、Windows NTLM、Windows RDP以及Windows Update Stack。

相关信息如下:

产品 CVE 编号 CVE 标题 严重程度
Azure CVE-2019-1372 Azure App Service 远程代码执行漏洞 Critical
Internet Explorer CVE-2019-1371 Internet Explorer 内存破坏漏洞 Important
Microsoft Browsers CVE-2019-0608 Microsoft Browser 欺骗漏洞 Important
Microsoft Browsers CVE-2019-1357 Microsoft Browser 欺骗漏洞 Important
Microsoft Devices CVE-2019-1314 Windows 10 Mobile 安全功能绕过漏洞 Important
Microsoft Dynamics CVE-2019-1375 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability Important
Microsoft Edge CVE-2019-1356 Microsoft Edge based on Edge HTML 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-1361 Microsoft Graphics Components 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-1362 Win32k 特权提升漏洞 Important
Microsoft Graphics Component CVE-2019-1363 Windows GDI 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-1364 Win32k 特权提升漏洞 Important
Microsoft JET Database Engine CVE-2019-1358 Jet Database Engine 远程代码执行漏洞 Important
Microsoft JET Database Engine CVE-2019-1359 Jet Database Engine 远程代码执行漏洞 Important
Microsoft Office CVE-2019-1327 Microsoft Excel 远程代码执行漏洞 Important
Microsoft Office CVE-2019-1331 Microsoft Excel 远程代码执行漏洞 Important
Microsoft Office SharePoint CVE-2019-1070 Microsoft Office SharePoint XSS Vulnerability Important
Microsoft Office SharePoint CVE-2019-1328 Microsoft SharePoint 欺骗漏洞 Important
Microsoft Office SharePoint CVE-2019-1329 Microsoft SharePoint 特权提升漏洞 Important
Microsoft Office SharePoint CVE-2019-1330 Microsoft SharePoint 特权提升漏洞 Important
Microsoft Scripting Engine CVE-2019-1060 MS XML 远程代码执行漏洞 Critical
Microsoft Scripting Engine CVE-2019-1307 Chakra Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-1308 Chakra Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-1238 VBScript 远程代码执行漏洞 Critical
Microsoft Scripting Engine CVE-2019-1239 VBScript 远程代码执行漏洞 Critical
Microsoft Scripting Engine CVE-2019-1335 Chakra Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-1366 Chakra Scripting Engine 内存破坏漏洞 Critical
Microsoft Windows CVE-2019-1341 Windows Power Service 特权提升漏洞 Important
Microsoft Windows CVE-2019-1342 Windows Error Reporting Manager 特权提升漏洞 Important
Microsoft Windows CVE-2019-1344 Windows Code Integrity Module 信息泄露漏洞 Important
Microsoft Windows CVE-2019-1346 Windows 拒绝服务漏洞 Important
Microsoft Windows CVE-2019-1347 Windows 拒绝服务漏洞 Important
Microsoft Windows CVE-2019-1311 Windows Imaging API 远程代码执行漏洞 Important
Microsoft Windows CVE-2019-1315 Windows Error Reporting Manager 特权提升漏洞 Important
Microsoft Windows CVE-2019-1316 Microsoft Windows Setup 特权提升漏洞 Important
Microsoft Windows CVE-2019-1317 Microsoft Windows 拒绝服务漏洞 Important
Microsoft Windows CVE-2019-1318 Microsoft Windows Transport Layer Security 欺骗漏洞 Important
Microsoft Windows CVE-2019-1319 Windows Error Reporting 特权提升漏洞 Important
Microsoft Windows CVE-2019-1320 Microsoft Windows 特权提升漏洞 Important
Microsoft Windows CVE-2019-1321 Microsoft Windows CloudStore 特权提升漏洞 Important
Microsoft Windows CVE-2019-1322 Microsoft Windows 特权提升漏洞 Important
Microsoft Windows CVE-2019-1325 Windows Redirected Drive Buffering System 特权提升漏洞 Moderate
Microsoft Windows CVE-2019-1338 Windows NTLM 安全功能绕过漏洞 Important
Microsoft Windows CVE-2019-1339 Windows Error Reporting Manager 特权提升漏洞 Important
Microsoft Windows CVE-2019-1340 Microsoft Windows 特权提升漏洞 Important
Open Source Software CVE-2019-1369 Open Enclave SDK 信息泄露漏洞 Important
Secure Boot CVE-2019-1368 Windows Secure Boot 安全功能绕过漏洞 Important
Servicing Stack Updates ADV990001 Latest Servicing Stack Updates Critical
SQL Server CVE-2019-1313 SQL Server Management Studio 信息泄露漏洞 Important
SQL Server CVE-2019-1376 SQL Server Management Studio 信息泄露漏洞 Important
Windows Hyper-V CVE-2019-1230 Hyper-V 信息泄露漏洞 Important
Windows IIS CVE-2019-1365 Microsoft IIS Server 特权提升漏洞 Important
Windows Installer CVE-2019-1378 Windows 10 Update Assistant 特权提升漏洞 Important
Windows Kernel CVE-2019-1343 Windows 拒绝服务漏洞 Important
Windows Kernel CVE-2019-1345 Windows Kernel 信息泄露漏洞 Important
Windows Kernel CVE-2019-1334 Windows Kernel 信息泄露漏洞 Important
Windows NTLM CVE-2019-1166 Windows NTLM Tampering Vulnerability Important
Windows RDP CVE-2019-1326 Windows Remote Desktop Protocol (RDP) 拒绝服务漏洞 Important
Windows RDP CVE-2019-1333 Remote Desktop Client 远程代码执行漏洞 Critical
Windows Update Stack CVE-2019-1323 Microsoft Windows Update Client 特权提升漏洞 Important
Windows Update Stack CVE-2019-1336 Microsoft Windows Update Client 特权提升漏洞 Important
Windows Update Stack CVE-2019-1337 Windows Update Client 信息泄露漏洞 Important

 

修复建议

微软官方已经发布更新补丁,请及时进行补丁更新。

全文下载

微软发布10月补丁修复61个安全问题

Spread the word. Share this post!

Meet The Author

Leave Comment