2020年5月13日�,,,微软颁布5月软件安全更新。修复了111个安全问题�,,,涉及Microsoft Windows�、�、�、Internet Explorer�、�、�、Microsoft Edge�、�、�、.NET Framework�、�、�、Microsoft Office�、�、�、Visual Studio等宽泛使用的产品�,,,其中蕴含特权提升和远程代码执行等高危缝隙类型。本月微软月度更新修复的缝隙中�,,,严重水平为关键(Critical)的缝隙共有16个�,,,重要(Important)缝隙有95个。其中Win32k 特权提升(CVE-2020-1054)缝隙的PoC已公开�,,,请有关用户实时更新补丁进行防护。
缝隙描述
1. CVE-2020-1153:�:Microsoft图形组件远程代码执行缝隙
Graphics Components是Microsoft Windows操作系统和Microsoft Windows Server操作系统的一个图形组件。Microsoft Graphics Components在处置内存对象的过程中存在远程代码执行缝隙。攻击者可通过诱导用户打开特制文件来利用此缝隙�,,,成功利用此缝隙的攻击者可在指标系统上执行肆意代码。
危�:Φ燃叮�:严重
官方公告:�:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1153
2. CVE-2020-1062:�:Internet Explorer 内存败坏缝隙
当 Internet Explorer 不正确地接见内存中的对象时�,,,存在远程执行代码缝隙。该缝隙可能以一种攻击者能够在当前用户的高低文中执行肆意代码的方式败坏内存。成功利用该缝隙的攻击者能够获得与当前用户一样的用户权限。当用户接见一个出格设计的�、�、�、由攻击者节制的web页面时�,,,可能会触发此缝隙。
危�:Φ燃叮�:严重
官方公告:�:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1062
3. CVE-2020-1023�、�、�、CVE-2020-1024�、�、�、CVE-2020–1102和CVE-2020-1069:�:Microsoft SharePoint 远程执行代码缝隙
以上4个为微软SharePoint中的远程代码执行缝隙。攻击者能够利用此类缝隙获得在受影响终端或服务器上执行肆意代码的能力。由于SharePoint无法查抄利用法式包的源象征�,,,前3个缝隙能够诱导用户打开一个出格制作的SharePoint利用法式文件从而进行利用。由于SharePoint Server无法正确鉴别和筛选不安全的 ASP.NET Web 控件�,,,经过身份验证的攻击者通过上传一个出格制作的页面到SharePoint服务器�,,,可成功利用CVE-2020-1069缝隙。
危�:Φ燃叮�:严重
官方公告:�:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1023
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1024
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1102
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1069
4. CVE-2020-1054(PoC已公开)/CVE-2020-1143:�:Win32k特权提升缝隙
由于Windows kernel-mode driver未能正确处置内存中的对象�,,,导致存在两个特权提升缝隙。攻击者可通过登录指标系统并运行特制的利用法式来进行利用�,,,成功利用此缝隙的攻击者能够在系统内核模式中执行肆意代码。
危�:Φ燃叮�:高危
官方公告:�:
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1054
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1143
5. CVE-2020-1067:�:Windows 远程执行代码缝隙
Windows 在处置内存对象的过程中存在远程执行代码缝隙。拥有域用户帐户的攻击者通过发送特殊的要求�,,,从而使 Windows执行提升权限的肆意代码。成功利用此缝隙能够在受影响的Windows上以更高的权限执行肆意代码。
危�:Φ燃叮�:高危
官方公告:�:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1067
6. CVE-2020-0901:�:Microsoft Excel远程执行代码缝隙
由于Microsoft Excel无法正确处置内存中的对象�,,,导致存在远程执行代码缝隙。攻击者通过诱使用户使用受影响版本的Microsoft Excel打开经过特殊设计的文件进行利用。成功利用此缝隙的攻击者能够获得与当前用户一样的系统节制权限。
危�:Φ燃叮�:高危
官方公告:�:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0901
影响版本
重点关注以下缝隙�,,,更多请查阅官方公告链接:�:
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-May
1. CVE-2020-1054�、�、�、CVE-2020-1143�、�、�、CVE-2020-1067�、�、�、CVE-2020-1153
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
2. CVE-2020-1062
Internet Explorer 11:�:
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2019
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows Server 2016
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2012
Windows Server 2012 R2
Internet Explorer 9:�:
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
3. CVE-2020-1023�、�、�、CVE-2020-1024�、�、�、CVE-2020-1069
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Server 2019
4. CVE-2020-1102
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Server 2019
5. CVE-2020-0901
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Excel 2010 Service Pack 2 (32-bit editions)
Microsoft Excel 2010 Service Pack 2 (64-bit editions)
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Excel 2016 (32-bit edition)
Microsoft Excel 2016 (64-bit edition)
Microsoft Office 2016 for Mac
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for Mac
修复规划
步骤一:�:
在windows的安全中心进行在线下载装置更新补丁�;�;�;
步骤二:�:
由于系统环境以及网络环境的原因�,,,步骤一(在线更新)可能会出现升级失败的问题�,,,能够点击浏览官方布告�,,,而后点击更新名称跳转到微软官方的下载页面�,,,之后下载安全更新独立法式包进行装置。
官方布告:�:
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-May
北京234钱包网络技术有限公司
2020/5/14