微软周二发布9月补丁,解决81个安全问题
微软周二发布9月补丁,解决81个安全问题
微软于周二发布了9月份的安全更新修补程序,修复了81个安全问题,从简单的欺骗攻击到远程代码执行。 产品包括.NET Core,.NET Framework,Active Directory,Adobe Flash Player,ASP.NET,Common。 日志文件系统驱动程序,Microsoft浏览器,Microsoft Edge,Microsoft Exchange Server,Microsoft图形组件,Microsoft JET数据库引擎,Microsoft Office,Microsoft Office SharePoint,Microsoft Scripting Engine,Microsoft Windows,Microsoft Yammer,Project Rome,服务堆栈更新,Skype for Business和Microsoft Lync,Team Foundation Server,Visual Studio,Windows Hyper-V,Windows Kernel和Windows RDP。
| Product | CVE number | CVE title | severity |
| .NET Core | CVE-2019-1301 | .NET Core Denial of Service Vulnerability | Important |
| .NET Framework | CVE-2019-1142 | .NET Framework Privilege Escalation Vulnerability | Important |
| Active Directory | CVE-2019-1273 | Active Directory Federation Services XSS Vulnerability | Important |
| Adobe Flash Player | ADV190022 | September 2019 Adobe Flash Security Update | Critical |
| ASP.NET | CVE-2019-1302 | ASP.NET Core Elevation Of Privilege Vulnerability | Important |
| Common Log File System Driver | CVE-2019-1214 | Windows Common Log File System Driver Privilege Escalation Vulnerability | Important |
| Common Log File System Driver | CVE-2019-1282 | Windows Common Log File System Driver Information Disclosure Vulnerability | Important |
| Microsoft Browsers | CVE-2019-1220 | Microsoft Browser Security Feature Bypass Vulnerability | Important |
| Microsoft Edge | CVE-2019-1299 | Microsoft Edge based on Edge HTML Information Disclosure Vulnerability | Important |
| Microsoft Exchange Server | CVE-2019-1233 | Microsoft Exchange Denial of Service Vulnerability | Important |
| Microsoft Exchange Server | CVE-2019-1266 | Microsoft Exchange Spoofing Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1216 | DirectX Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1244 | DirectWrite Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1245 | DirectWrite Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1251 | DirectWrite Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1252 | Windows GDI Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1283 | Microsoft Graphics Components Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1284 | DirectX privilege elevation vulnerability | Important |
| Microsoft Graphics Component | CVE-2019-1286 | Windows GDI Information Disclosure Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1240 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1241 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1242 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1243 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1246 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1247 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1248 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1249 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2019-1250 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2019-1297 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2019-1263 | Microsoft Excel Information Disclosure Vulnerability | Important |
| Microsoft Office | CVE-2019-1264 | Microsoft Office Security Feature Bypass Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2019-1257 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical |
| Microsoft Office SharePoint | CVE-2019-1259 | Microsoft SharePoint Spoofing Vulnerability | Moderate |
| Microsoft Office SharePoint | CVE-2019-1260 | Microsoft SharePoint privilege elevation vulnerability | Important |
| Microsoft Office SharePoint | CVE-2019-1261 | Microsoft SharePoint Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2019-1262 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2019-1295 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical |
| Microsoft Office SharePoint | CVE-2019-1296 | Microsoft SharePoint Remote Code Execution Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-1138 | Chakra Scripting Engine Memory Corruption Vulnerability | Moderate |
| Microsoft Scripting Engine | CVE-2019-1208 | VBScript Remote Code Execution Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-1217 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-1221 | Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-1236 | VBScript Remote Code Execution Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-1237 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Scripting Engine | CVE-2019-1298 | Chakra Scripting Engine Memory Corruption Vulnerability | Moderate |
| Microsoft Scripting Engine | CVE-2019-1300 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
| Microsoft Windows | CVE-2019-1215 | Windows privilege elevation vulnerability | Important |
| Microsoft Windows | CVE-2019-1219 | Windows Transaction Manager Information Disclosure Vulnerability | Important |
| Microsoft Windows | CVE-2019-1267 | Microsoft Compatibility Appraiser Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1268 | Winlogon Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1269 | Windows ALPC Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1270 | Microsoft Windows Store Installer Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1271 | Windows Media privilege elevation vulnerability | Important |
| Microsoft Windows | CVE-2019-1272 | Windows ALPC Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1235 | Windows Text Service Framework Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1253 | Windows privilege elevation vulnerability | Important |
| Microsoft Windows | CVE-2019-1277 | Windows Audio Service Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1278 | Windows privilege elevation vulnerability | Important |
| Microsoft Windows | CVE-2019-1280 | LNK Remote Code Execution Vulnerability | Critical |
| Microsoft Windows | CVE-2019-1287 | Windows Network Connectivity Assistant Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1289 | Windows Update Delivery Optimization Privilege Escalation Vulnerability | Important |
| Microsoft Windows | CVE-2019-1292 | Windows Denial of Service Vulnerability | Important |
| Microsoft Windows | CVE-2019-1294 | Windows Secure Boot Security Feature Bypass Vulnerability | Important |
| Microsoft Windows | CVE-2019-1303 | Windows privilege elevation vulnerability | Important |
| Microsoft Yammer | CVE-2019-1265 | Microsoft Yammer Security Feature Bypass Vulnerability | Important |
| Project Rome | CVE-2019-1231 | Rome SDK Information Disclosure Vulnerability | Important |
| Servicing Stack Updates | ADV990001 | Latest Servicing Stack Updates | Critical |
| Skype for Business and Microsoft Lync | CVE-2019-1209 | Lync 2013 Information Disclosure Vulnerability | Important |
| Team Foundation Server | CVE-2019-1305 | Team Foundation Server Cross-site Scripting Vulnerability | Important |
| Team Foundation Server | CVE-2019-1306 | Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability | Critical |
| Visual Studio | CVE-2019-1232 | Diagnostics Hub Standard Collector Service Privilege Escalation Vulnerability | Important |
| Windows Hyper-V | CVE-2019-0928 | Windows Hyper-V Denial of Service Vulnerability | Important |
| Windows Hyper-V | CVE-2019-1254 | Windows Hyper-V Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2019-1274 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2019-1256 | Win32k Privilege Escalation Vulnerability | Important |
| Windows Kernel | CVE-2019-1285 | Win32k Privilege Escalation Vulnerability | Important |
| Windows Kernel | CVE-2019-1293 | Windows SMB Client Driver Information Disclosure Vulnerability | Important |
| Windows RDP | CVE-2019-0787 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Windows RDP | CVE-2019-0788 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Windows RDP | CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Windows RDP | CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
linuxboy的RSS地址:https://www.linuxboy.net/rssFeed.aspx
本文永久更新链接地址:https://www.linuxboy.net/Linux/2019-09/160602.htm
评论暂时关闭