【漏洞详情】
微软已发布2019年04月安全补丁,覆盖 Windows多个核心组件(Windows、win32k、LUAFV、CSRSS、MSXML、VSScript),共修复74 个安全漏洞,其中包含 2 个 0 day 漏洞、13个严重漏洞,攻击者可利用此类漏洞进行远程代码执行、本地权限提权等攻击,修复的漏洞详细列表如下,请用户依据自身业务评估实际漏洞影响并安排补丁升级:
序号 |
CVE |
Title |
Severity |
1 |
CVE-2019-0803 |
Win32k Elevation of Privilege Vulnerability |
Important |
2 |
CVE-2019-0859 |
Win32k Elevation of Privilege Vulnerability |
Important |
3 |
CVE-2019-0739 |
Scripting Engine Memory Corruption Vulnerability |
Critical |
4 |
CVE-2019-0786 |
SMB Server Elevation of Privilege Vulnerability |
Critical |
5 |
CVE-2019-0791 |
MS XML Remote Code Execution Vulnerability |
Critical |
6 |
CVE-2019-0792 |
MS XML Remote Code Execution Vulnerability |
Critical |
7 |
CVE-2019-0793 |
MS XML Remote Code Execution Vulnerability |
Critical |
8 |
CVE-2019-0806 |
Chakra Scripting Engine Memory Corruption Vulnerability |
Critical |
9 |
CVE-2019-0810 |
Chakra Scripting Engine Memory Corruption Vulnerability |
Critical |
10 |
CVE-2019-0812 |
Chakra Scripting Engine Memory Corruption Vulnerability |
Critical |
11 |
CVE-2019-0829 |
Chakra Scripting Engine Memory Corruption Vulnerability |
Critical |
12 |
CVE-2019-0845 |
Windows IOleCvt Interface Remote Code Execution Vulnerability |
Critical |
13 |
CVE-2019-0853 |
GDI+ Remote Code Execution Vulnerability |
Critical |
14 |
CVE-2019-0860 |
Chakra Scripting Engine Memory Corruption Vulnerability |
Critical |
15 |
CVE-2019-0861 |
Chakra Scripting Engine Memory Corruption Vulnerability |
Critical |
16 |
CVE-2019-0685 |
Win32k Elevation of Privilege Vulnerability |
Important |
17 |
CVE-2019-0688 |
Windows TCP/IP Information Disclosure Vulnerability |
Important |
18 |
CVE-2019-0730 |
Windows Elevation of Privilege Vulnerability |
Important |
19 |
CVE-2019-0731 |
Windows Elevation of Privilege Vulnerability |
Important |
20 |
CVE-2019-0732 |
Windows Security Feature Bypass Vulnerability |
Important |
21 |
CVE-2019-0735 |
Windows CSRSS Elevation of Privilege Vulnerability |
Important |
22 |
CVE-2019-0752 |
Scripting Engine Memory Corruption Vulnerability |
Important |
23 |
CVE-2019-0753 |
Scripting Engine Memory Corruption Vulnerability |
Important |
24 |
CVE-2019-0764 |
Microsoft Browsers Tampering Vulnerability |
Important |
25 |
CVE-2019-0790 |
MS XML Remote Code Execution Vulnerability |
Important |
26 |
CVE-2019-0794 |
VBScript Remote Code Execution Vulnerability |
Important |
27 |
CVE-2019-0795 |
MS XML Remote Code Execution Vulnerability |
Important |
28 |
CVE-2019-0796 |
Windows Elevation of Privilege Vulnerability |
Important |
29 |
CVE-2019-0801 |
Office Remote Code Execution Vulnerability |
Important |
30 |
CVE-2019-0802 |
Windows GDI Information Disclosure Vulnerability |
Important |
31 |
CVE-2019-0805 |
Windows Elevation of Privilege Vulnerability |
Important |
32 |
CVE-2019-0813 |
Windows Admin Center Elevation of Privilege Vulnerability |
Important |
33 |
CVE-2019-0814 |
Win32k Information Disclosure Vulnerability |
Important |
34 |
CVE-2019-0815 |
ASP.NET Core Denial of Service Vulnerability |
Important |
35 |
CVE-2019-0817 |
Microsoft Exchange Spoofing Vulnerability |
Important |
36 |
CVE-2019-0822 |
Microsoft Graphics Components Remote Code Execution Vulnerability |
Important |
37 |
CVE-2019-0823 |
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
Important |
38 |
CVE-2019-0824 |
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
Important |
39 |
CVE-2019-0825 |
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
Important |
40 |
CVE-2019-0826 |
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
Important |
41 |
CVE-2019-0827 |
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability |
Important |
42 |
CVE-2019-0828 |
Microsoft Excel Remote Code Execution Vulnerability |
Important |
43 |
CVE-2019-0830 |
Microsoft Office SharePoint XSS Vulnerability |
Important |
44 |
CVE-2019-0831 |
Microsoft Office SharePoint XSS Vulnerability |
Important |
45 |
CVE-2019-0833 |
Microsoft Edge Information Disclosure Vulnerability |
Important |
46 |
CVE-2019-0835 |
Microsoft Scripting Engine Information Disclosure Vulnerability |
Important |
47 |
CVE-2019-0836 |
Windows Elevation of Privilege Vulnerability |
Important |
48 |
CVE-2019-0837 |
DirectX Information Disclosure Vulnerability |
Important |
49 |
CVE-2019-0838 |
Windows Information Disclosure Vulnerability |
Important |
50 |
CVE-2019-0839 |
Windows Information Disclosure Vulnerability |
Important |
51 |
CVE-2019-0840 |
Windows Kernel Information Disclosure Vulnerability |
Important |
52 |
CVE-2019-0841 |
Windows Elevation of Privilege Vulnerability |
Important |
53 |
CVE-2019-0842 |
Windows VBScript Engine Remote Code Execution Vulnerability |
Important |
54 |
CVE-2019-0844 |
Windows Kernel Information Disclosure Vulnerability |
Important |
55 |
CVE-2019-0846 |
Jet Database Engine Remote Code Execution Vulnerability |
Important |
56 |
CVE-2019-0847 |
Jet Database Engine Remote Code Execution Vulnerability |
Important |
57 |
CVE-2019-0848 |
Win32k Information Disclosure Vulnerability |
Important |
58 |
CVE-2019-0849 |
Windows GDI Information Disclosure Vulnerability |
Important |
59 |
CVE-2019-0851 |
Jet Database Engine Remote Code Execution Vulnerability |
Important |
60 |
CVE-2019-0856 |
Windows Remote Code Execution Vulnerability |
Important |
61 |
CVE-2019-0857 |
Team Foundation Server Spoofing Vulnerability |
Important |
62 |
CVE-2019-0858 |
Microsoft Exchange Spoofing Vulnerability |
Important |
63 |
CVE-2019-0862 |
Windows VBScript Engine Remote Code Execution Vulnerability |
Important |
64 |
CVE-2019-0866 |
Team Foundation Server Cross-site Scripting Vulnerability |
Important |
65 |
CVE-2019-0867 |
Team Foundation Server Cross-site Scripting Vulnerability |
Important |
66 |
CVE-2019-0868 |
Team Foundation Server Cross-site Scripting Vulnerability |
Important |
67 |
CVE-2019-0869 |
Team Foundation Server HTML Injection Vulnerability |
Important |
68 |
CVE-2019-0870 |
Team Foundation Server Cross-site Scripting Vulnerability |
Important |
69 |
CVE-2019-0871 |
Team Foundation Server Cross-site Scripting Vulnerability |
Important |
70 |
CVE-2019-0874 |
Team Foundation Server Cross-site Scripting Vulnerability |
Important |
71 |
CVE-2019-0875 |
Azure DevOps Server Elevation of Privilege Vulnerability |
Important |
72 |
CVE-2019-0876 |
Open Enclave SDK Information Disclosure Vulnerability |
Important |
73 |
CVE-2019-0877 |
Jet Database Engine Remote Code Execution Vulnerability |
Important |
74 |
CVE-2019-0879 |
Jet Database Engine Remote Code Execution Vulnerability |
Important |
【风险评级】
高危
【影响范围】
4月安全发布的漏洞及补丁涉及组件如下:
Internet Explorer
Microsoft Edge
ChakraCore
Microsoft Office
Microsoft Exchange
Microsoft Windows
XML Core Service
Graphics Device Interface (GDI)
LUA File Virtualization Filter Driver (Luafv.sys)
Jet Database Engine
Azure DevOps Server
Team Foundation Server
ASP.NET
Open Enclave Software Development Kit
【修复建议】
1、建议用户关注并依据业务评估实际漏洞影响,选择更新相关产品补丁,以提高系统安全性;
2、修复方法:打开 Windows Update 更新功能,点击“检查更新”按钮,依据业务需求下载安装相关安全补丁,安装完毕后重启系统,并检查系统运行情况。
【参考链接】
特别提醒:修复漏洞前请进行充分测试,并务必做好数据备份和快照,防止出现意外。