微软于周二发布了5月安全更新补丁,修复了68个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及.NET Framework、Adobe Flash Player、Azure、Common Log File System Driver、Device Guard、GitHub、Internet Explorer、Microsoft Browsers、Microsoft Edge、Microsoft Exchange Server、Microsoft Graphics Component、Microsoft Office、Microsoft Scripting Engine、Microsoft Windows、Windows COM、Windows Hyper-V以及Windows Kernel。
CVE漏洞列表
相关信息如下(排名前13的漏洞威胁程度相对较高):
| 产品 | CVE 编号 | CVE 标题 |
| GitHub | CVE-2018-8115 | Windows Host Compute Service Shim 远程代码执行漏洞 |
| Microsoft Office | CVE-2018-8161 | Microsoft Office 远程代码执行漏洞 |
| Microsoft Office | CVE-2018-8162 | Microsoft Excel 远程代码执行漏洞 |
| Microsoft Office | CVE-2018-8173 | Microsoft InfoPath 远程代码执行漏洞 |
| Microsoft Office | CVE-2018-8147 | Microsoft Excel 远程代码执行漏洞 |
| Microsoft Office | CVE-2018-8148 | Microsoft Excel 远程代码执行漏洞 |
| Microsoft Office | CVE-2018-8157 | Microsoft Office 远程代码执行漏洞 |
| Microsoft Office | CVE-2018-8158 | Microsoft Office 远程代码执行漏洞 |
| Microsoft Windows | CVE-2018-8136 | Windows 远程代码执行漏洞 |
| Microsoft Windows | CVE-2018-8174 | Windows VBScript Engine 远程代码执行漏洞 |
| Windows COM | CVE-2018-0824 | Microsoft COM for Windows 远程代码执行漏洞 |
| Windows Hyper-V | CVE-2018-0959 | Hyper-V 远程代码执行漏洞 |
| Windows Hyper-V | CVE-2018-0961 | Hyper-V vSMB 远程代码执行漏洞 |
| .NET Framework | CVE-2018-1039 | .NET Framework Device Guard 安全功能绕过漏洞 |
| .NET Framework | CVE-2018-0765 | .NET and .NET Core 拒绝服务漏洞 |
| Adobe Flash Player | ADV180008 | May 2018 Adobe Flash 安全更新 |
| Azure | CVE-2018-8119 | Azure IoT SDK 欺骗漏洞 |
| Common Log File System Driver | CVE-2018-8167 | Windows Common Log File System Driver 特权提升漏洞 |
| Device Guard | CVE-2018-0854 | Windows 安全功能绕过漏洞 |
| Device Guard | CVE-2018-8129 | Windows 安全功能绕过漏洞 |
| Device Guard | CVE-2018-8132 | Windows 安全功能绕过漏洞 |
| Internet Explorer | CVE-2018-8126 | Internet Explorer 安全功能绕过漏洞 |
| Microsoft Browsers | CVE-2018-1025 | Microsoft Browser 信息泄露漏洞 |
| Microsoft Browsers | CVE-2018-8178 | Microsoft Browser 内存破坏漏洞 |
| Microsoft Edge | CVE-2018-1021 | Microsoft Edge 信息泄露漏洞 |
| Microsoft Edge | CVE-2018-8112 | Microsoft Edge 安全功能绕过漏洞 |
| Microsoft Edge | CVE-2018-8123 | Microsoft Edge 信息泄露漏洞 |
| Microsoft Edge | CVE-2018-8179 | Microsoft Edge 内存破坏漏洞 |
| Microsoft Exchange Server | CVE-2018-8151 | Microsoft Exchange 内存破坏漏洞 |
| Microsoft Exchange Server | CVE-2018-8152 | Microsoft Exchange Server 特权提升漏洞 |
| Microsoft Exchange Server | CVE-2018-8154 | Microsoft Exchange 内存破坏漏洞 |
| Microsoft Exchange Server | CVE-2018-8153 | Microsoft Exchange 欺骗漏洞 |
| Microsoft Exchange Server | CVE-2018-8159 | Microsoft Exchange 特权提升漏洞 |
| Microsoft Graphics Component | CVE-2018-8124 | Win32k 特权提升漏洞 |
| Microsoft Graphics Component | CVE-2018-8164 | Win32k 特权提升漏洞 |
| Microsoft Graphics Component | CVE-2018-8165 | DirectX Graphics Kernel 特权提升漏洞 |
| Microsoft Graphics Component | CVE-2018-8120 | Win32k 特权提升漏洞 |
| Microsoft Office | CVE-2018-8155 | Microsoft SharePoint 特权提升漏洞 |
| Microsoft Office | CVE-2018-8156 | Microsoft SharePoint 特权提升漏洞 |
| Microsoft Office | CVE-2018-8160 | Microsoft Outlook 信息泄露漏洞 |
| Microsoft Office | CVE-2018-8163 | Microsoft Excel 信息泄露漏洞 |
| Microsoft Office | CVE-2018-8168 | Microsoft SharePoint 特权提升漏洞 |
| Microsoft Office | CVE-2018-8149 | Microsoft SharePoint 特权提升漏洞 |
| Microsoft Office | CVE-2018-8150 | Microsoft Outlook 安全功能绕过漏洞 |
| Microsoft Scripting Engine | CVE-2018-8122 | Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-8128 | Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-8130 | Chakra Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-8133 | Chakra Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-8137 | Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-8139 | Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-8145 | Chakra Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-8177 | Chakra Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-0943 | Chakra Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-0945 | Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-0946 | Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-0951 | Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-0953 | Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-0954 | Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-0955 | Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-1022 | Scripting Engine 内存破坏漏洞 |
| Microsoft Scripting Engine | CVE-2018-8114 | Scripting Engine 内存破坏漏洞 |
| Microsoft Windows | CVE-2018-0958 | Windows 安全功能绕过漏洞 |
| Microsoft Windows | CVE-2018-8170 | Windows Image 特权提升漏洞 |
| Windows Kernel | CVE-2018-8127 | Windows Kernel 信息泄露漏洞 |
| Windows Kernel | CVE-2018-8134 | Windows 特权提升漏洞 |
| Windows Kernel | CVE-2018-8897 | Windows Kernel 特权提升漏洞 |
| Windows Kernel | CVE-2018-8166 | Win32k 特权提升漏洞 |
| Windows Kernel | CVE-2018-8141 | Windows Kernel 信息泄露漏洞 |
修复建议
微软官方已经发布更新补丁,请及时进行补丁更新。