微软发布12月补丁修复39个安全问题 安全威胁通告
2018-12-12
综述
微软于周二发布了12月安全更新补丁,修复了39个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及.NET Framework、Adobe Flash Player、Internet Explorer、Microsoft Dynamics、Mi2crosoft Exchange Server、Microsoft Graphics Component、Microsoft Office、Microsoft Office SharePoint、Microsoft sc
相关信息如下(红色部分威胁相对比较高):
|
产品 |
CVE编号 |
CVE标题 |
|
.NET Framework |
CVE-2018-8517 |
.NET Framework Denial Of Service Vulnerability |
|
.NET Framework |
CVE-2018-8540 |
.NET Framework Remote Code Injection Vulnerability |
|
Adobe Flash Player |
ADV180031 |
December 2018 Adobe Flash安全更新 |
|
Internet Explorer |
CVE-2018-8619 |
Internet Explorer远程代码执行漏洞 |
|
Internet Explorer |
CVE-2018-8631 |
Internet Explorer内存破坏漏洞 |
|
Microsoft Dynamics |
CVE-2018-8651 |
Microsoft Dynamics NAV
Cross Site sc |
|
Microsoft Exchange Server |
CVE-2018-8604 |
Microsoft Exchange Server Tampering Vulnerability |
|
Microsoft Graphics Component |
CVE-2018-8595 |
Windows GDI信息泄露漏洞 |
|
Microsoft Graphics Component |
CVE-2018-8596 |
Windows GDI信息泄露漏洞 |
|
Microsoft Graphics Component |
CVE-2018-8638 |
DirectX信息泄露漏洞 |
|
Microsoft Graphics Component |
CVE-2018-8639 |
Win32k特权提升漏洞 |
|
Microsoft Office |
CVE-2018-8587 |
Microsoft Outlook远程代码执行漏洞 |
|
Microsoft Office |
CVE-2018-8597 |
Microsoft Excel远程代码执行漏洞 |
|
Microsoft Office |
CVE-2018-8598 |
Microsoft Excel信息泄露漏洞 |
|
Microsoft Office |
CVE-2018-8627 |
Microsoft Excel信息泄露漏洞 |
|
Microsoft Office |
CVE-2018-8628 |
Microsoft PowerPoint远程代码执行漏洞 |
|
Microsoft Office |
CVE-2018-8636 |
Microsoft Excel远程代码执行漏洞 |
|
Microsoft Office SharePoint |
CVE-2018-8580 |
Microsoft SharePoint信息泄露漏洞 |
|
Microsoft Office SharePoint |
CVE-2018-8635 |
Microsoft SharePoint Server特权提升漏洞 |
|
Microsoft
sc |
CVE-2018-8583 |
Chakra sc |
|
Microsoft
sc |
CVE-2018-8617 |
Chakra
sc |
|
Microsoft
sc |
CVE-2018-8618 |
Chakra sc |
|
Microsoft
sc |
CVE-2018-8624 |
Chakra
sc |
|
Microsoft
sc |
CVE-2018-8625 |
Windows vb |
|
Microsoft
sc |
CVE-2018-8629 |
Chakra
sc |
|
Microsoft
sc |
CVE-2018-8643 |
sc |
|
Microsoft Windows |
CVE-2018-8649 |
Windows拒绝服务漏洞 |
|
Microsoft Windows DNS |
CVE-2018-8514 |
Remote Procedure Call runtime信息泄露漏洞 |
|
Microsoft Windows DNS |
CVE-2018-8626 |
Windows DNS Server Heap Overflow Vulnerability |
|
Visual Studio |
CVE-2018-8599 |
Diagnostics Hub Standard Collector Service特权提升漏洞 |
|
Windows Authentication Methods |
CVE-2018-8634 |
Microsoft Text-To-Speech远程代码执行漏洞 |
|
Windows Azure Pack |
CVE-2018-8652 |
Windows Azure Pack
Cross Site sc |
|
Windows Kernel |
CVE-2018-8477 |
Windows Kernel信息泄露漏洞 |
|
Windows Kernel |
CVE-2018-8611 |
Windows Kernel特权提升漏洞 |
|
Windows Kernel |
CVE-2018-8612 |
Connected User Experiences and Telemetry Service拒绝服务漏洞 |
|
Windows Kernel |
CVE-2018-8621 |
Windows Kernel信息泄露漏洞 |
|
Windows Kernel |
CVE-2018-8622 |
Windows Kernel信息泄露漏洞 |
|
Windows Kernel |
CVE-2018-8637 |
Win32k信息泄露漏洞 |
|
Windows Kernel-Mode Drivers |
CVE-2018-8641 |
Win32k特权提升漏洞 |
修复建议
微软官方已经发布更新补丁,请及时进行补丁更新。
