近日,CNNVD通报微软官方发布的多个安全漏洞,其中微软产品本身漏洞139个,影响到微软产品的其他厂商漏洞0个。包括Microsoft Message Queuing 安全漏洞(CNNVD-202307-933、CVE-2023-32057)、Microsoft Office 安全漏洞(CNNVD-202307-826、CVE-2023-33150)等多个漏洞。成功利用上述漏洞的攻击者可以在目标系统上执行任意代码、获取用户数据,提升权限等。微软多个产品和系统受漏洞影响。目前,微软官方已经发布了漏洞修复补丁,建议用户及时确认是否受到漏洞影响,尽快采取修补措施。
一、 漏洞介绍
2023年7月11日,微软发布了2023年7月份安全更新,共139个漏洞的补丁程序,CNNVD对这些漏洞进行了收录。本次更新主要涵盖了Microsoft Windows 和 Windows 组件、Microsoft Windows App Store、Microsoft Windows PGM、Microsoft Windows DNS、Microsoft Windows Kernel、Microsoft Office等。CNNVD对其危害等级进行了评价,其中超危漏洞5个,高危漏洞82个,中危漏洞51个,低危漏洞1个。微软多个产品和系统版本受漏洞影响,具体影响范围可访问微软官方网站查询:
https://portal.msrc.microsoft.com/zh-cn/security-guidance
二、漏洞详情
此次更新共包括130个新增漏洞的补丁程序,其中超危漏洞5个,高危漏洞74个,中危漏洞50个,低危漏洞1个。
序号 | 漏洞名称 | CNNVD编号 | CVE编号 | 危害等级 | 官方链接 |
1 | Microsoft Message Queuing 安全漏洞 | CNNVD-202307-933 | CVE-2023-32057 | 超危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32057 |
2 | Microsoft Office 安全漏洞 | CNNVD-202307-826 | CVE-2023-33150 | 超危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33150 |
3 | Microsoft Windows Routing and Remote Access Service (RRAS) 安全漏洞 | CNNVD-202307-815 | CVE-2023-35365 | 超危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35365 |
4 | Microsoft Windows Routing and Remote Access Service (RRAS) 安全漏洞 | CNNVD-202307-814 | CVE-2023-35366 | 超危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35366 |
5 | Microsoft Windows Routing and Remote Access Service (RRAS) 安全漏洞 | CNNVD-202307-810 | CVE-2023-35367 | 超危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35367 |
6 | Microsoft Windows Netlogon 安全漏洞 | CNNVD-202307-920 | CVE-2023-21526 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21526 |
7 | Microsoft Win32k 安全漏洞 | CNNVD-202307-821 | CVE-2023-21756 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21756 |
8 | Microsoft Windows Admin Center 安全漏洞 | CNNVD-202307-922 | CVE-2023-29347 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29347 |
9 | Microsoft ODBC Driver 安全漏洞 | CNNVD-202307-858 | CVE-2023-32038 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32038 |
10 | Microsoft Message Queuing 安全漏洞 | CNNVD-202307-871 | CVE-2023-32044 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32044 |
11 | Microsoft Message Queuing 安全漏洞 | CNNVD-202307-872 | CVE-2023-32045 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32045 |
12 | Microsoft Windows MSHTML Platform 安全漏洞 | CNNVD-202307-874 | CVE-2023-32046 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32046 |
13 | Paint 3D 安全漏洞 | CNNVD-202307-876 | CVE-2023-32047 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32047 |
14 | Microsoft Windows SmartScreen 安全漏洞 | CNNVD-202307-880 | CVE-2023-32049 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32049 |
15 | Microsoft Windows Installer 安全漏洞 | CNNVD-202307-884 | CVE-2023-32050 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32050 |
16 | Microsoft Raw Image Extension 安全漏洞 | CNNVD-202307-886 | CVE-2023-32051 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32051 |
17 | Microsoft Windows Installer 安全漏洞 | CNNVD-202307-929 | CVE-2023-32053 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32053 |
18 | Microsoft Windows Volume Shadow Copy 安全漏洞 | CNNVD-202307-932 | CVE-2023-32054 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32054 |
19 | Microsoft Windows Server Update Service 安全漏洞 | CNNVD-202307-934 | CVE-2023-32056 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32056 |
20 | Microsoft HTTP.sys 安全漏洞 | CNNVD-202307-939 | CVE-2023-32084 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32084 |
21 | Microsoft Visual Studio和Microsoft .NET 安全漏洞 | CNNVD-202307-943 | CVE-2023-33127 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127 |
22 | Microsoft SharePoint 安全漏洞 | CNNVD-202307-942 | CVE-2023-33134 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33134 |
23 | Microsoft Office 安全漏洞 | CNNVD-202307-822 | CVE-2023-33148 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33148 |
24 | Microsoft Office 安全漏洞 | CNNVD-202307-824 | CVE-2023-33149 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33149 |
25 | Microsoft ActiveX 安全漏洞 | CNNVD-202307-830 | CVE-2023-33152 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33152 |
26 | Microsoft Windows Partition Management Driver 安全漏洞 | CNNVD-202307-945 | CVE-2023-33154 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33154 |
27 | Microsoft Windows Cloud Files Mini Filter Driver 安全漏洞 | CNNVD-202307-946 | CVE-2023-33155 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33155 |
28 | Microsoft SharePoint 安全漏洞 | CNNVD-202307-941 | CVE-2023-33157 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33157 |
29 | Microsoft Excel 安全漏洞 | CNNVD-202307-937 | CVE-2023-33158 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33158 |
30 | Microsoft SharePoint 安全漏洞 | CNNVD-202307-935 | CVE-2023-33159 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33159 |
31 | Microsoft SharePoint 安全漏洞 | CNNVD-202307-931 | CVE-2023-33160 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33160 |
32 | Microsoft Excel 安全漏洞 | CNNVD-202307-926 | CVE-2023-33161 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33161 |
33 | Microsoft Windows Network Load Balancing 安全漏洞 | CNNVD-202307-923 | CVE-2023-33163 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33163 |
34 | Microsoft ASP.NET 和 Visual Studio 安全漏洞 | CNNVD-202307-919 | CVE-2023-33170 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170 |
35 | Microsoft Dynamics 365 安全漏洞 | CNNVD-202307-917 | CVE-2023-33171 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33171 |
36 | Microsoft Windows PGM 安全漏洞 | CNNVD-202307-911 | CVE-2023-35297 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35297 |
37 | Microsoft HTTP.sys 安全漏洞 | CNNVD-202307-910 | CVE-2023-35298 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35298 |
38 | Microsoft Windows Common Log File System Driver 安全漏洞 | CNNVD-202307-909 | CVE-2023-35299 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35299 |
39 | Microsoft Windows Remote Procedure Call Runtime 安全漏洞 | CNNVD-202307-908 | CVE-2023-35300 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35300 |
40 | Microsoft PostScript Printer Driver 安全漏洞 | CNNVD-202307-907 | CVE-2023-35302 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35302 |
41 | Microsoft USB Audio Class System Driver 安全漏洞 | CNNVD-202307-906 | CVE-2023-35303 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35303 |
42 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202307-905 | CVE-2023-35304 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35304 |
43 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202307-902 | CVE-2023-35305 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35305 |
44 | Microsoft Message Queuing 安全漏洞 | CNNVD-202307-901 | CVE-2023-35309 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35309 |
45 | Microsoft Outlook 安全漏洞 | CNNVD-202307-899 | CVE-2023-35311 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35311 |
46 | Microsoft Windows VOLSNAP.SYS 安全漏洞 | CNNVD-202307-898 | CVE-2023-35312 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35312 |
47 | Microsoft Windows Online Certificate Status Protocol (OCSP) SnapIn 安全漏洞 | CNNVD-202307-888 | CVE-2023-35313 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35313 |
48 | Microsoft Windows Layer-2 Bridge Network Driver 安全漏洞 | CNNVD-202307-893 | CVE-2023-35315 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35315 |
49 | Microsoft Windows Server Update Service 安全漏洞 | CNNVD-202307-897 | CVE-2023-35317 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35317 |
50 | Microsoft Windows Connected User Experiences and Telemetry 安全漏洞 | CNNVD-202307-892 | CVE-2023-35320 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35320 |
51 | Microsoft Windows Deployment Services 安全漏洞 | CNNVD-202307-887 | CVE-2023-35322 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35322 |
52 | Microsoft Windows OLE 安全漏洞 | CNNVD-202307-885 | CVE-2023-35323 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35323 |
53 | Microsoft Windows Print Spooler Components 安全漏洞 | CNNVD-202307-879 | CVE-2023-35325 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35325 |
54 | Microsoft Windows Transaction Manager 安全漏洞 | CNNVD-202307-875 | CVE-2023-35328 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35328 |
55 | Microsoft SPNEGO Extended Negotiation 安全漏洞 | CNNVD-202307-870 | CVE-2023-35330 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35330 |
56 | Microsoft Media-Wiki Extensions 安全漏洞 | CNNVD-202307-865 | CVE-2023-35333 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35333 |
57 | Microsoft Dynamics 365 安全漏洞 | CNNVD-202307-864 | CVE-2023-35335 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35335 |
58 | Microsoft Windows Win32K 安全漏洞 | CNNVD-202307-859 | CVE-2023-35337 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35337 |
59 | Microsoft Windows Peer Name Resolution Protocol 安全漏洞 | CNNVD-202307-857 | CVE-2023-35338 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35338 |
60 | Microsoft Windows CryptoAPI 安全漏洞 | CNNVD-202307-855 | CVE-2023-35339 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35339 |
61 | Microsoft Windows CNG Key Isolation Service 安全漏洞 | CNNVD-202307-852 | CVE-2023-35340 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35340 |
62 | Microsoft Windows Image Acquisition 安全漏洞 | CNNVD-202307-849 | CVE-2023-35342 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35342 |
63 | Microsoft Windows Geolocation Service 安全漏洞 | CNNVD-202307-846 | CVE-2023-35343 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35343 |
64 | Microsoft Windows App Store 安全漏洞 | CNNVD-202307-839 | CVE-2023-35347 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35347 |
65 | Microsoft Azure Active Directory Connect 安全漏洞 | CNNVD-202307-838 | CVE-2023-35348 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35348 |
66 | Microsoft Windows Active Directory 安全漏洞 | CNNVD-202307-835 | CVE-2023-35350 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35350 |
67 | Microsoft Windows Remote Desktop 安全漏洞 | CNNVD-202307-831 | CVE-2023-35352 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35352 |
68 | Microsoft Windows Connected User Experiences and Telemetry 安全漏洞 | CNNVD-202307-829 | CVE-2023-35353 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35353 |
69 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202307-827 | CVE-2023-35356 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35356 |
70 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202307-825 | CVE-2023-35357 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35357 |
71 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202307-823 | CVE-2023-35358 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35358 |
72 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202307-820 | CVE-2023-35360 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35360 |
73 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202307-819 | CVE-2023-35361 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35361 |
74 | Microsoft Windows Clip Service 安全漏洞 | CNNVD-202307-818 | CVE-2023-35362 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35362 |
75 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202307-817 | CVE-2023-35363 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35363 |
76 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202307-816 | CVE-2023-35364 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35364 |
77 | Microsoft Paint 3D 安全漏洞 | CNNVD-202307-811 | CVE-2023-35374 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35374 |
78 | Microsoft Visual Studio Code 安全漏洞 | CNNVD-202307-806 | CVE-2023-36867 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36867 |
79 | Microsoft Windows Error Reporting 安全漏洞 | CNNVD-202307-800 | CVE-2023-36874 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36874 |
80 | Microsoft Windows Cluster Server 安全漏洞 | CNNVD-202307-850 | CVE-2023-32033 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32033 |
81 | Microsoft Windows Remote Procedure Call Runtime 安全漏洞 | CNNVD-202307-854 | CVE-2023-32034 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32034 |
82 | Microsoft Windows Remote Procedure Call Runtime 安全漏洞 | CNNVD-202307-853 | CVE-2023-32035 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32035 |
83 | Microsoft Windows Layer-2 Bridge Network Driver 安全漏洞 | CNNVD-202307-856 | CVE-2023-32037 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32037 |
84 | Microsoft PostScript Printer Driver 安全漏洞 | CNNVD-202307-860 | CVE-2023-32039 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32039 |
85 | Microsoft PostScript Printer Driver 安全漏洞 | CNNVD-202307-861 | CVE-2023-32040 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32040 |
86 | Microsoft Windows Update Orchestrator Service 安全漏洞 | CNNVD-202307-863 | CVE-2023-32041 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32041 |
87 | Microsoft Windows OLE 安全漏洞 | CNNVD-202307-866 | CVE-2023-32042 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32042 |
88 | Microsoft Windows Remote Desktop 安全漏洞 | CNNVD-202307-868 | CVE-2023-32043 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32043 |
89 | Microsoft Power Apps 安全漏洞 | CNNVD-202307-925 | CVE-2023-32052 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32052 |
90 | Microsoft Windows Active Template Library 安全漏洞 | CNNVD-202307-928 | CVE-2023-32055 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32055 |
91 | Microsoft Windows Failover Cluster 安全漏洞 | CNNVD-202307-936 | CVE-2023-32083 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32083 |
92 | Microsoft PostScript Printer Driver 安全漏洞 | CNNVD-202307-940 | CVE-2023-32085 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32085 |
93 | Microsoft Outlook 安全漏洞 | CNNVD-202307-828 | CVE-2023-33151 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33151 |
94 | Microsoft Outlook 安全漏洞 | CNNVD-202307-832 | CVE-2023-33153 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33153 |
95 | Microsoft Defender 安全漏洞 | CNNVD-202307-944 | CVE-2023-33156 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33156 |
96 | Microsoft Excel 安全漏洞 | CNNVD-202307-927 | CVE-2023-33162 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33162 |
97 | Microsoft Windows Remote Procedure Call 安全漏洞 | CNNVD-202307-921 | CVE-2023-33164 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33164 |
98 | Microsoft SharePoint 安全漏洞 | CNNVD-202307-834 | CVE-2023-33165 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33165 |
99 | Microsoft Windows Remote Procedure Call Runtime 安全漏洞 | CNNVD-202307-836 | CVE-2023-33166 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33166 |
100 | Microsoft Windows Remote Procedure Call Runtime 安全漏洞 | CNNVD-202307-837 | CVE-2023-33167 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33167 |
101 | Microsoft Windows Remote Procedure Call Runtime 安全漏洞 | CNNVD-202307-840 | CVE-2023-33168 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33168 |
102 | Microsoft Windows Remote Procedure Call Runtime 安全漏洞 | CNNVD-202307-843 | CVE-2023-33169 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33169 |
103 | Microsoft Windows Remote Procedure Call Runtime 安全漏洞 | CNNVD-202307-844 | CVE-2023-33172 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33172 |
104 | Microsoft Windows Remote Procedure Call Runtime 安全漏洞 | CNNVD-202307-847 | CVE-2023-33173 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33173 |
105 | Microsoft Windows Cryptographic Services 安全漏洞 | CNNVD-202307-848 | CVE-2023-33174 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33174 |
106 | Microsoft PostScript Printer Driver 安全漏洞 | CNNVD-202307-912 | CVE-2023-35296 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35296 |
107 | Microsoft PostScript Printer Driver 安全漏洞 | CNNVD-202307-903 | CVE-2023-35306 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35306 |
108 | Microsoft Windows MSHTML Platform 安全漏洞 | CNNVD-202307-904 | CVE-2023-35308 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35308 |
109 | Microsoft Windows DNS 安全漏洞 | CNNVD-202307-900 | CVE-2023-35310 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35310 |
110 | Microsoft Windows Remote Procedure Call Runtime 安全漏洞 | CNNVD-202307-891 | CVE-2023-35314 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35314 |
111 | Microsoft Windows Remote Procedure Call Runtime 安全漏洞 | CNNVD-202307-895 | CVE-2023-35316 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35316 |
112 | Microsoft Windows Remote Procedure Call Runtime 安全漏洞 | CNNVD-202307-896 | CVE-2023-35318 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35318 |
113 | Microsoft Windows Remote Procedure Call Runtime 安全漏洞 | CNNVD-202307-894 | CVE-2023-35319 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35319 |
114 | Microsoft Windows Deployment Services 安全漏洞 | CNNVD-202307-890 | CVE-2023-35321 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35321 |
115 | Microsoft PostScript Printer Driver 安全漏洞 | CNNVD-202307-882 | CVE-2023-35324 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35324 |
116 | Microsoft Windows CDP User Components 安全漏洞 | CNNVD-202307-878 | CVE-2023-35326 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35326 |
117 | Microsoft Windows Authentication Methods 安全漏洞 | CNNVD-202307-873 | CVE-2023-35329 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35329 |
118 | Microsoft Windows Local Security Authority (LSA) 安全漏洞 | CNNVD-202307-869 | CVE-2023-35331 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35331 |
119 | Microsoft Windows Remote Desktop Protocol 安全漏洞 | CNNVD-202307-867 | CVE-2023-35332 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35332 |
120 | Microsoft Windows MSHTML Platform 安全漏洞 | CNNVD-202307-862 | CVE-2023-35336 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35336 |
121 | Microsoft Windows Media Foundation 安全漏洞 | CNNVD-202307-851 | CVE-2023-35341 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35341 |
122 | Microsoft Windows DNS 安全漏洞 | CNNVD-202307-845 | CVE-2023-35344 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35344 |
123 | Microsoft Windows DNS 安全漏洞 | CNNVD-202307-842 | CVE-2023-35345 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35345 |
124 | Microsoft Windows DNS 安全漏洞 | CNNVD-202307-841 | CVE-2023-35346 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35346 |
125 | Microsoft Windows Active Directory 安全漏洞 | CNNVD-202307-833 | CVE-2023-35351 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35351 |
126 | Microsoft Windows Authenticode 安全漏洞 | CNNVD-202307-809 | CVE-2023-35373 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35373 |
127 | Microsoft Service Fabric 安全漏洞 | CNNVD-202307-805 | CVE-2023-36868 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36868 |
128 | Microsoft Azure Active Directory Connect 安全漏洞 | CNNVD-202307-803 | CVE-2023-36871 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36871 |
129 | Microsoft Windows Codecs Library 安全漏洞 | CNNVD-202307-802 | CVE-2023-36872 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36872 |
130 | Microsoft Office 安全漏洞 | CNNVD-202307-797 | CVE-2023-36884 | 低危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 |
此次更新共包括9个更新漏洞的补丁程序,其中高危漏洞8个,中危漏洞1个。
序号 | 漏洞名称 | CNNVD编号 | CVE编号 | 危害等级 | 官方链接 |
1 | Microsoft Windows Kerberos 安全漏洞 | CNNVD-202211-2288 | CVE-2022-37967 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967 |
2 | Microsoft Windows Netlogon 安全漏洞 | CNNVD-202211-2274 | CVE-2022-38023 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023 |
3 | Microsoft ODBC Driver 安全漏洞 | CNNVD-202306-1261 | CVE-2023-29349 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29349 |
4 | Microsoft ODBC Driver 安全漏洞 | CNNVD-202306-1252 | CVE-2023-29356 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29356 |
5 | Microsoft ODBC Driver 安全漏洞 | CNNVD-202306-1254 | CVE-2023-32025 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32025 |
6 | Microsoft ODBC Driver 安全漏洞 | CNNVD-202306-1256 | CVE-2023-32026 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32026 |
7 | Microsoft ODBC Driver 安全漏洞 | CNNVD-202306-1258 | CVE-2023-32027 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32027 |
8 | Microsoft OLE Automation Remote code 安全漏洞 | CNNVD-202306-1260 | CVE-2023-32028 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32028 |
9 | Microsoft Windows Secure Boot 安全漏洞 | CNNVD-202305-767 | CVE-2023-24932 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932 |
三、修复建议
目前,微软官方已经发布补丁修复了上述漏洞,建议用户及时确认漏洞影响,尽快采取修补措施。微软官方补丁下载地址:
https://msrc.microsoft.com/update-guide/en-us
CNNVD将继续跟踪上述漏洞的相关情况,及时发布相关信息。如有需要,可与CNNVD联系。
联系方式:cnnvdvul@itsec.gov.cn
(来源:CNNVD)