本月补丁星期二活动共计修复108处漏洞 其中19处为关键漏洞

摘要:

对于普通用户来说,本月补丁星期二活动发布的 Windows 10 累积更新并没有什么新的内容,主要是对系统安全性进行优化。不过对于 Windows 和 Microsoft Exchange 管理员来说,最近几个月一直非常忙碌,4 月累积更新修复了 5 个零日漏洞和更多的 Exchange 漏洞

patch-tuesday-large.jpg

在今天的更新中,微软共计修复了 108 处漏洞,其中 19 个标记为“关键漏洞”(Critial),89 个标记为“重要漏洞”(Important)。而且这些漏洞并不包含本月初发布的 6 个 Chromium Edge 漏洞。

此外,今天微软还修复了 5 个公开披露的零日漏洞,其中 1 个已知用于网络攻击。更糟糕的是,微软修复了 NSA 发现的 4 个关键的 Microsoft Exchange 漏洞。作为今天补丁星期二的一部分,微软已经修复了 4 个公开披露的漏洞和一个主动利用的漏洞。

以下 4 个漏洞微软表示已经公开暴露,但没有证据表明被黑客利用。

CVE-2021-27091 - RPC端点映射器服务权限提升的漏洞

CVE-2021-28312 - Windows NTFS 拒绝服务漏洞

CVE-2021-28437 - Windows 安装程序信息泄露漏洞 - PolarBear

CVE-2021-28458 - Azure ms-rest-nodeauth 库的权限提升漏洞

卡巴斯基研究人员 Boris Larin 发现的以下漏洞已经被黑客组织 BITTER APT 利用。

CVE-2021-28310 - Win32k 提升权限漏洞

卡巴斯基在博文中解释道:“不幸的是,我们无法捕捉到一个完整的链条,所以我们不知道该漏洞是否与另一个浏览器零日配合使用,或者与已知的、打过补丁的漏洞结合在一起使用”。

微软 Exchange 的管理员们并没有得到任何休息,因为今天又有 4 个 NSA 发现的关键远程代码执行漏洞在微软 Exchange 中得到了修复。其中两个漏洞是预认证,这意味着它们不需要攻击者先登录服务器。

CVE-2021-28480--微软Exchange服务器远程代码执行漏洞

CVE-2021-28481 - 微软Exchange服务器远程代码执行漏洞

CVE-2021-28482 - 微软Exchange服务器远程代码执行漏洞

CVE-2021-28483 - 微软Exchange服务器远程代码执行漏洞

完整报告如下

TagCVE IDCVE TitleSeverity
Azure AD Web Sign-inCVE-2021-27092Azure AD Web Sign-in Security Feature Bypass VulnerabilityImportant
Azure DevOpsCVE-2021-28459Azure DevOps Server Spoofing VulnerabilityImportant
Azure DevOpsCVE-2021-27067Azure DevOps Server and Team Foundation Server Information Disclosure VulnerabilityImportant
Azure SphereCVE-2021-28460Azure Sphere Unsigned Code Execution VulnerabilityCritical
Microsoft Edge (Chromium-based)CVE-2021-21199Chromium: CVE-2021-21199 Use Use after free in AuraUnknown
Microsoft Edge (Chromium-based)CVE-2021-21194Chromium: CVE-2021-21194 Use after free in screen captureUnknown
Microsoft Edge (Chromium-based)CVE-2021-21197Chromium: CVE-2021-21197 Heap buffer overflow in TabStripUnknown
Microsoft Edge (Chromium-based)CVE-2021-21198Chromium: CVE-2021-21198 Out of bounds read in IPCUnknown
Microsoft Edge (Chromium-based)CVE-2021-21195Chromium: CVE-2021-21195 Use after free in V8Unknown
Microsoft Edge (Chromium-based)CVE-2021-21196Chromium: CVE-2021-21196 Heap buffer overflow in TabStripUnknown
Microsoft Exchange ServerCVE-2021-28480Microsoft Exchange Server Remote Code Execution VulnerabilityCritical
Microsoft Exchange ServerCVE-2021-28482Microsoft Exchange Server Remote Code Execution VulnerabilityCritical
Microsoft Exchange ServerCVE-2021-28483Microsoft Exchange Server Remote Code Execution VulnerabilityCritical
Microsoft Exchange ServerCVE-2021-28481Microsoft Exchange Server Remote Code Execution VulnerabilityCritical
Microsoft Graphics ComponentCVE-2021-28350Windows GDI+ Remote Code Execution VulnerabilityImportant
Microsoft Graphics ComponentCVE-2021-28318Windows GDI+ Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2021-28348Windows GDI+ Remote Code Execution VulnerabilityImportant
Microsoft Graphics ComponentCVE-2021-28349Windows GDI+ Remote Code Execution VulnerabilityImportant
Microsoft Internet Messaging APICVE-2021-27089Microsoft Internet Messaging API Remote Code Execution VulnerabilityImportant
Microsoft NTFSCVE-2021-28312Windows NTFS Denial of Service VulnerabilityModerate
Microsoft NTFSCVE-2021-27096NTFS Elevation of Privilege VulnerabilityImportant
Microsoft Office ExcelCVE-2021-28456Microsoft Excel Information Disclosure VulnerabilityImportant
Microsoft Office ExcelCVE-2021-28451Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2021-28454Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft Office ExcelCVE-2021-28449Microsoft Office Remote Code Execution VulnerabilityImportant
Microsoft Office OutlookCVE-2021-28452Microsoft Outlook Memory Corruption VulnerabilityImportant
Microsoft Office SharePointCVE-2021-28450Microsoft SharePoint Denial of Service UpdateImportant
Microsoft Office WordCVE-2021-28453Microsoft Word Remote Code Execution VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2021-28464VP9 Video Extensions Remote Code Execution VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2021-28466Raw Image Extension Remote Code Execution VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2021-27079Windows Media Photo Codec Information Disclosure VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2021-28468Raw Image Extension Remote Code Execution VulnerabilityImportant
Microsoft Windows Codecs LibraryCVE-2021-28317Microsoft Windows Codecs Library Information Disclosure VulnerabilityImportant
Microsoft Windows DNSCVE-2021-28323Windows DNS Information Disclosure VulnerabilityImportant
Microsoft Windows DNSCVE-2021-28328Windows DNS Information Disclosure VulnerabilityImportant
Microsoft Windows SpeechCVE-2021-28351Windows Speech Runtime Elevation of Privilege VulnerabilityImportant
Microsoft Windows SpeechCVE-2021-28436Windows Speech Runtime Elevation of Privilege VulnerabilityImportant
Microsoft Windows SpeechCVE-2021-28347Windows Speech Runtime Elevation of Privilege VulnerabilityImportant
Open Source SoftwareCVE-2021-28458Azure ms-rest-nodeauth Library Elevation of Privilege VulnerabilityImportant
Role: Hyper-VCVE-2021-28441Windows Hyper-V Information Disclosure VulnerabilityImportant
Role: Hyper-VCVE-2021-28314Windows Hyper-V Elevation of Privilege VulnerabilityImportant
Role: Hyper-VCVE-2021-28444Windows Hyper-V Security Feature Bypass VulnerabilityImportant
Role: Hyper-VCVE-2021-26416Windows Hyper-V Denial of Service VulnerabilityImportant
Visual StudioCVE-2021-27064Visual Studio Installer Elevation of Privilege VulnerabilityImportant
Visual Studio CodeCVE-2021-28457Visual Studio Code Remote Code Execution VulnerabilityImportant
Visual Studio CodeCVE-2021-28471Remote Development Extension for Visual Studio Code Remote Code Execution VulnerabilityImportant
Visual Studio CodeCVE-2021-28475Visual Studio Code Remote Code Execution VulnerabilityImportant
Visual Studio CodeCVE-2021-28473Visual Studio Code Remote Code Execution VulnerabilityImportant
Visual Studio CodeCVE-2021-28477Visual Studio Code Remote Code Execution VulnerabilityImportant
Visual Studio CodeCVE-2021-28469Visual Studio Code Remote Code Execution VulnerabilityImportant
Visual Studio Code - GitHub Pull Requests and Issues ExtensionCVE-2021-28470Visual Studio Code GitHub Pull Requests and Issues Extension Remote Code Execution VulnerabilityImportant
Visual Studio Code - Kubernetes ToolsCVE-2021-28448Visual Studio Code Kubernetes Tools Remote Code Execution VulnerabilityImportant
Visual Studio Code - Maven for Java ExtensionCVE-2021-28472Visual Studio Code Maven for Java Extension Remote Code Execution VulnerabilityImportant
Windows Application Compatibility CacheCVE-2021-28311Windows Application Compatibility Cache Denial of Service VulnerabilityImportant
Windows AppX Deployment ExtensionsCVE-2021-28326Windows AppX Deployment Server Denial of Service VulnerabilityImportant
Windows Console DriverCVE-2021-28438Windows Console Driver Denial of Service VulnerabilityImportant
Windows Console DriverCVE-2021-28443Windows Console Driver Denial of Service VulnerabilityImportant
Windows Diagnostic HubCVE-2021-28313Diagnostics Hub Standard Collector Service Elevation of Privilege VulnerabilityImportant
Windows Diagnostic HubCVE-2021-28321Diagnostics Hub Standard Collector Service Elevation of Privilege VulnerabilityImportant
Windows Diagnostic HubCVE-2021-28322Diagnostics Hub Standard Collector Service Elevation of Privilege VulnerabilityImportant
Windows Early Launch Antimalware DriverCVE-2021-28447Windows Early Launch Antimalware Driver Security Feature Bypass VulnerabilityImportant
Windows ELAMCVE-2021-27094Windows Early Launch Antimalware Driver Security Feature Bypass VulnerabilityImportant
Windows Event TracingCVE-2021-27088Windows Event Tracing Elevation of Privilege VulnerabilityImportant
Windows Event TracingCVE-2021-28435Windows Event Tracing Information Disclosure VulnerabilityImportant
Windows InstallerCVE-2021-26413Windows Installer Spoofing VulnerabilityImportant
Windows InstallerCVE-2021-28440Windows Installer Elevation of Privilege VulnerabilityImportant
Windows InstallerCVE-2021-28437Windows Installer Information Disclosure VulnerabilityImportant
Windows InstallerCVE-2021-26415Windows Installer Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2021-27093Windows Kernel Information Disclosure VulnerabilityImportant
Windows KernelCVE-2021-28309Windows Kernel Information Disclosure VulnerabilityImportant
Windows Media PlayerCVE-2021-28315Windows Media Video Decoder Remote Code Execution VulnerabilityCritical
Windows Media PlayerCVE-2021-27095Windows Media Video Decoder Remote Code Execution VulnerabilityCritical
Windows Network File SystemCVE-2021-28445Windows Network File System Remote Code Execution VulnerabilityImportant
Windows Overlay FilterCVE-2021-26417Windows Overlay Filter Information Disclosure VulnerabilityImportant
Windows PortmappingCVE-2021-28446Windows Portmapping Information Disclosure VulnerabilityImportant
Windows RegistryCVE-2021-27091RPC Endpoint Mapper Service Elevation of Privilege VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28336Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
Windows Remote Procedure Call RuntimeCVE-2021-28335Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
Windows Remote Procedure Call RuntimeCVE-2021-28334Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
Windows Remote Procedure Call RuntimeCVE-2021-28338Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
Windows Remote Procedure Call RuntimeCVE-2021-28434Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28337Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
Windows Remote Procedure Call RuntimeCVE-2021-28333Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
Windows Remote Procedure Call RuntimeCVE-2021-28327Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28329Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
Windows Remote Procedure Call RuntimeCVE-2021-28330Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
Windows Remote Procedure Call RuntimeCVE-2021-28332Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
Windows Remote Procedure Call RuntimeCVE-2021-28331Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
Windows Remote Procedure Call RuntimeCVE-2021-28354Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28339Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
Windows Remote Procedure Call RuntimeCVE-2021-28355Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28353Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28352Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28357Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28358Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28356Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28346Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28342Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28340Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28341Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28345Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28344Remote Procedure Call Runtime Remote Code Execution VulnerabilityImportant
Windows Remote Procedure Call RuntimeCVE-2021-28343Remote Procedure Call Runtime Remote Code Execution VulnerabilityCritical
Windows Resource ManagerCVE-2021-28320Windows Resource Manager PSM Service Extension Elevation of Privilege VulnerabilityImportant
Windows Secure Kernel ModeCVE-2021-27090Windows Secure Kernel Mode Elevation of Privilege VulnerabilityImportant
Windows Services and Controller AppCVE-2021-27086Windows Services and Controller App Elevation of Privilege VulnerabilityImportant
Windows SMB ServerCVE-2021-28325Windows SMB Information Disclosure VulnerabilityImportant
Windows SMB ServerCVE-2021-28324Windows SMB Information Disclosure VulnerabilityImportant
Windows TCP/IPCVE-2021-28439Windows TCP/IP Driver Denial of Service VulnerabilityImportant
Windows TCP/IPCVE-2021-28442Windows TCP/IP Information Disclosure VulnerabilityImportant
Windows TCP/IPCVE-2021-28319Windows TCP/IP Driver Denial of Service VulnerabilityImportant
Windows Win32KCVE-2021-27072Win32k Elevation of Privilege VulnerabilityImportant
Windows Win32KCVE-2021-28310Win32k Elevation of Privilege VulnerabilityImportant
Windows WLAN Auto Config ServiceCVE-2021-28316Windows WLAN AutoConfig Service Security Feature Bypass VulnerabilityImportant
查看评论
created by ceallan