绿盟科技

400-818-6868

安全研究

威胁通告
微软发布4月补丁修复76个安全问题安全威胁通告

微软于周二发布了4月安全更新补丁,修复了76个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及.NET Core、Adobe Flash Player、CSRSS、Microsoft Browsers、Microsoft Edge、Microsoft Exchange Server、Microsoft Graphics Component、Microsoft JET Database Engine、Microsoft Office、Microsoft Office SharePoint、Microsoft scripting Engine、Microsoft Windows、Microsoft XML、Open Source Software、Servicing Stack Updates、Team Foundation Server、Windows Admin Center、Windows Kernel以及Windows SMB Server。

漏洞介绍

相关信息如下:

产品 CVE 编号 CVE 标题 严重程度
.NET Core CVE-2019-0815 ASP.NET Core 拒绝服务漏洞 Important
Adobe Flash Player ADV190011 April 2019 Adobe Flash 安全更新 Critical
CSRSS CVE-2019-0735 Windows CSRSS 特权提升漏洞 Important
Microsoft Browsers CVE-2019-0764 Microsoft Browsers Tampering Vulnerability Low
Microsoft Edge CVE-2019-0833 Microsoft Edge 信息泄露漏洞 Important
Microsoft Exchange Server CVE-2019-0858 Microsoft Exchange 欺骗漏洞 Important
Microsoft Exchange Server CVE-2019-0817 Microsoft Exchange 欺骗漏洞 Important
Microsoft Graphics Component CVE-2019-0802 Windows GDI 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-0803 Win32k 特权提升漏洞 Important
Microsoft Graphics Component CVE-2019-0849 Windows GDI 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-0853 GDI+ 远程代码执行漏洞 Critical
Microsoft JET Database Engine CVE-2019-0846 Jet Database Engine 远程代码执行漏洞 Important
Microsoft JET Database Engine CVE-2019-0847 Jet Database Engine 远程代码执行漏洞 Important
Microsoft JET Database Engine CVE-2019-0851 Jet Database Engine 远程代码执行漏洞 Important
Microsoft JET Database Engine CVE-2019-0877 Jet Database Engine 远程代码执行漏洞 Important
Microsoft JET Database Engine CVE-2019-0879 Jet Database Engine 远程代码执行漏洞 Important
Microsoft Office CVE-2019-0822 Microsoft Graphics Components 远程代码执行漏洞 Important
Microsoft Office CVE-2019-0823 Microsoft Office Access Connectivity Engine 远程代码执行漏洞 Important
Microsoft Office CVE-2019-0824 Microsoft Office Access Connectivity Engine 远程代码执行漏洞 Important
Microsoft Office CVE-2019-0825 Microsoft Office Access Connectivity Engine 远程代码执行漏洞 Important
Microsoft Office CVE-2019-0826 Microsoft Office Access Connectivity Engine 远程代码执行漏洞 Important
Microsoft Office CVE-2019-0827 Microsoft Office Access Connectivity Engine 远程代码执行漏洞 Important
Microsoft Office CVE-2019-0801 Office 远程代码执行漏洞 Important
Microsoft Office CVE-2019-0828 Microsoft Excel 远程代码执行漏洞 Important
Microsoft Office SharePoint CVE-2019-0830 Microsoft Office SharePoint XSS Vulnerability Important
Microsoft Office SharePoint CVE-2019-0831 Microsoft Office SharePoint XSS Vulnerability Important
Microsoft scripting Engine CVE-2019-0739 scripting Engine 内存破坏漏洞 Critical
Microsoft scripting Engine CVE-2019-0812 Chakra scripting Engine 内存破坏漏洞 Critical
Microsoft scripting Engine CVE-2019-0829 Chakra scripting Engine 内存破坏漏洞 Critical
Microsoft scripting Engine CVE-2019-0752 scripting Engine 内存破坏漏洞 Important
Microsoft scripting Engine CVE-2019-0753 scripting Engine 内存破坏漏洞 Critical
Microsoft scripting Engine CVE-2019-0806 Chakra scripting Engine 内存破坏漏洞 Critical
Microsoft scripting Engine CVE-2019-0810 Chakra scripting Engine 内存破坏漏洞 Moderate
Microsoft scripting Engine CVE-2019-0835 Microsoft scripting Engine 信息泄露漏洞 Important
Microsoft scripting Engine CVE-2019-0860 Chakra scripting Engine 内存破坏漏洞 Moderate
Microsoft scripting Engine CVE-2019-0861 Chakra scripting Engine 内存破坏漏洞 Critical
Microsoft scripting Engine CVE-2019-0862 scripting Engine 内存破坏漏洞 Important
Microsoft Windows CVE-2019-0794 OLE Automation 远程代码执行漏洞 Important
Microsoft Windows CVE-2019-0805 Windows 特权提升漏洞 Important
Microsoft Windows CVE-2019-0838 Windows 信息泄露漏洞 Important
Microsoft Windows CVE-2019-0839 Windows 信息泄露漏洞 Important
Microsoft Windows CVE-2019-0840 Windows Kernel 信息泄露漏洞 Important
Microsoft Windows CVE-2019-0841 Windows 特权提升漏洞 Important
Microsoft Windows CVE-2019-0842 Windows vbscript Engine 远程代码执行漏洞 Important
Microsoft Windows CVE-2019-0845 Windows IOleCvt Interface 远程代码执行漏洞 Critical
Microsoft Windows CVE-2019-0848 Win32k 信息泄露漏洞 Important
Microsoft Windows CVE-2019-0685 Win32k 特权提升漏洞 Important
Microsoft Windows CVE-2019-0688 Windows TCP/IP 信息泄露漏洞 Important
Microsoft Windows CVE-2019-0730 Windows 特权提升漏洞 Important
Microsoft Windows CVE-2019-0731 Windows 特权提升漏洞 Important
Microsoft Windows CVE-2019-0732 Windows 安全功能绕过漏洞 Important
Microsoft Windows CVE-2019-0796 Windows 特权提升漏洞 Important
Microsoft Windows CVE-2019-0814 Win32k 信息泄露漏洞 Important
Microsoft Windows CVE-2019-0836 Windows 特权提升漏洞 Important
Microsoft Windows CVE-2019-0837 DirectX 信息泄露漏洞 Important
Microsoft XML CVE-2019-0790 MS XML 远程代码执行漏洞 Critical
Microsoft XML CVE-2019-0791 MS XML 远程代码执行漏洞 Critical
Microsoft XML CVE-2019-0792 MS XML 远程代码执行漏洞 Critical
Microsoft XML CVE-2019-0793 MS XML 远程代码执行漏洞 Critical
Microsoft XML CVE-2019-0795 MS XML 远程代码执行漏洞 Critical
Open Source Software CVE-2019-0876 Open Enclave SDK 信息泄露漏洞 Important
Servicing Stack Updates ADV990001 Latest Servicing Stack Updates Critical
Team Foundation Server CVE-2019-0857 Azure DevOps Server 欺骗漏洞 Important
Team Foundation Server CVE-2019-0866 Azure DevOps Server and Team Foundation Server Cross-site scripting Vulnerability Important
Team Foundation Server CVE-2019-0867 Azure DevOps Server and Team Foundation Server Cross-site scripting Vulnerability Important
Team Foundation Server CVE-2019-0868 Azure DevOps Server and Team Foundation Server Cross-site scripting Vulnerability Important
Team Foundation Server CVE-2019-0869 Azure DevOps Server HTML Injection Vulnerability Important
Team Foundation Server CVE-2019-0870 Azure DevOps Server and Team Foundation Server Cross-site scripting Vulnerability Important
Team Foundation Server CVE-2019-0871 Azure DevOps Server and Team Foundation Server Cross-site scripting Vulnerability Important
Team Foundation Server CVE-2019-0874 Azure DevOps Server Cross-site scripting Vulnerability Important
Team Foundation Server CVE-2019-0875 Azure DevOps Server 特权提升漏洞 Important
Windows Admin Center CVE-2019-0813 Windows Admin Center 特权提升漏洞 Important
Windows Kernel CVE-2019-0844 Windows Kernel 信息泄露漏洞 Important
Windows Kernel CVE-2019-0856 Windows 远程代码执行漏洞 Important
Windows Kernel CVE-2019-0859 Win32k 特权提升漏洞 Important
Windows SMB Server CVE-2019-0786 SMB Server 特权提升漏洞 Critical

 

修复建议

微软官方已经发布更新补丁,请及时进行补丁更新。

 

附件下载

微软发布4月补丁修复76个安全问题



浏览次数:

关 闭