阅读: 1

微软于周二发布了4月安全更新补丁,修复了113个从简单的欺骗攻击到远程执行代码的安全问题。产品涉及Android App、Apps、Microsoft Dynamics、Microsoft Graphics Component、Microsoft JET Database Engine、Microsoft Office、Microsoft Office SharePoint、Microsoft Scripting Engine、Microsoft Windows、Microsoft Windows DNS、Open Source Software、Remote Desktop Client、Visual Studio、Windows Defender、Windows Hyper-V、Windows Kernel、Windows Media以及Windows Update Stack。

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Apr

关键漏洞概述

本次更新微软共修复17个Critical级别漏洞,部分概述如下。

  • CVE-2020-0687

Microsoft Graphics 远程代码执行漏洞

漏洞由Windows字体库对特制嵌入式字体处理不当造成,攻击者可能以多种方式利用此漏洞。

一种是在基于 web 的场景中,通过诱导用户访问特制的网站来利用漏洞。另一种是在文件共享场景下,会诱导用户打开特制文档。

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0687

  • CVE-2020-0907

Microsoft 图形组件远程代码执行漏洞

在 Microsoft 图形组件处理内存中对象的过程中存在一个远程代码执行漏洞。仅当用户打开特制文件时,才会触发此漏洞,成功利用漏洞的攻击者可以在目标系统上执行任意代码。

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0907

  • CVE-2020-0929,CVE-2020-0931,CVE-2020-0932

    Microsoft SharePoint远程执行代码漏洞

    若要利用这些漏洞,攻击者需要将特制的SharePoint程序包上传至受影响版本的SharePoint,以允许他们在SharePoint应用程序池和SharePoint服务器中执行任意代码。

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0929

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0931

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0932

  • CVE-2020-0938和CVE-2020-1020

Windows Adobe Font Manager库远程执行代码漏洞

当Windows Adob​​e Type Manager库对multi-master字体(Adobe Type 1 PostScript格式)处理不当时出现的远程执行代码漏洞。

如果攻击者在Windows 10以外的任何操作系统上利用此bug,可实现远程执行任意代码。在Windows 10上,它们将仅限于以有限的特权在AppContainer沙箱中执行代码。

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0938

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1020

  • CVE-2020-0968

Internet Explorer 中,脚本引擎在处理内存中对象的过程中存在一个远程代码执行漏洞。

该漏洞可破坏内存,使攻击者在当前用户的上下文中执行任意代码。成功利用此漏洞的攻击者可获得与当前用户相同的权限。

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0968

  • CVE-2020-0970、CVE-2020-0969

分别是ChakraCore脚本引擎和Chakra脚本引擎处理内存中对象时存在的远程代码执行漏洞。影响Microsoft Edge (EdgeHTML-based),该漏洞可破坏内存,使攻击者在当前用户的上下文中执行任意代码。成功利用此漏洞的攻击者可获得与当前用户相同的权限。

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0970

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0969

  相关信息如下:

产品CVE 编号CVE 标题严重程度
Microsoft DynamicsCVE-2020-1022Dynamics Business Central 远程代码执行漏洞Critical
Microsoft Graphics ComponentCVE-2020-0907Microsoft Graphics Components 远程代码执行漏洞Critical
Microsoft Graphics ComponentCVE-2020-0687Microsoft Graphics 远程代码执行漏洞Critical
Microsoft Graphics ComponentCVE-2020-0938Adobe Font Manager Library 远程代码执行漏洞Critical
Microsoft Graphics ComponentCVE-2020-1020Adobe Font Manager Library 远程代码执行漏洞Critical
Microsoft OfficeCVE-2020-0931Microsoft SharePoint 远程代码执行漏洞Critical
Microsoft Office SharePointCVE-2020-0929Microsoft SharePoint 远程代码执行漏洞Critical
Microsoft Office SharePointCVE-2020-0932Microsoft SharePoint 远程代码执行漏洞Critical
Microsoft Office SharePointCVE-2020-0974Microsoft SharePoint 远程代码执行漏洞Critical
Microsoft Scripting EngineCVE-2020-0968Scripting Engine 内存破坏漏洞Critical
Microsoft Scripting EngineCVE-2020-0969Chakra Scripting Engine 内存破坏漏洞Critical
Microsoft Scripting EngineCVE-2020-0970Scripting Engine 内存破坏漏洞Critical
Microsoft WindowsCVE-2020-0965Microsoft Windows Codecs Library 远程代码执行漏洞Critical
Windows Hyper-VCVE-2020-0910Windows Hyper-V 远程代码执行漏洞Critical
Windows MediaCVE-2020-0948Media Foundation 内存破坏漏洞Critical
Windows MediaCVE-2020-0949Media Foundation 内存破坏漏洞Critical
Windows MediaCVE-2020-0950Media Foundation 内存破坏漏洞Critical
Android AppCVE-2020-0943Microsoft YourPhone Application for Android Authentication Bypass VulnerabilityImportant
AppsCVE-2020-1019Microsoft RMS Sharing App for Mac 特权提升漏洞Important
Microsoft DynamicsCVE-2020-1018Microsoft Dynamics Business Central/NAV Information DisclosureImportant
Microsoft DynamicsCVE-2020-1049Microsoft Dynamics 365 (On-Premise) Cross Site Scripting VulnerabilityImportant
Microsoft DynamicsCVE-2020-1050Microsoft Dynamics 365 (On-Premise) Cross Site Scripting VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-0784DirectX 特权提升漏洞Important
Microsoft Graphics ComponentCVE-2020-0987Microsoft Graphics Component 信息泄露漏洞Important
Microsoft Graphics ComponentCVE-2020-1004Windows Graphics Component 特权提升漏洞Important
Microsoft Graphics ComponentCVE-2020-1005Microsoft Graphics Component 信息泄露漏洞Important
Microsoft Graphics ComponentCVE-2020-0952Windows GDI 信息泄露漏洞Important
Microsoft Graphics ComponentCVE-2020-0958Win32k 特权提升漏洞Important
Microsoft Graphics ComponentCVE-2020-0964GDI+ 远程代码执行漏洞Important
Microsoft Graphics ComponentCVE-2020-0982Microsoft Graphics Component 信息泄露漏洞Important
Microsoft JET Database EngineCVE-2020-0988Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2020-0992Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2020-0994Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2020-0995Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2020-0999Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2020-1008Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2020-0889Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2020-0953Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2020-0959Jet Database Engine 远程代码执行漏洞Important
Microsoft JET Database EngineCVE-2020-0960Jet Database Engine 远程代码执行漏洞Important
Microsoft OfficeCVE-2020-0760Microsoft Office 远程代码执行漏洞Important
Microsoft OfficeCVE-2020-0906Microsoft Excel 远程代码执行漏洞Important
Microsoft OfficeCVE-2020-0935OneDrive for Windows 特权提升漏洞Important
Microsoft OfficeCVE-2020-0979Microsoft Excel 远程代码执行漏洞Important
Microsoft OfficeCVE-2020-0980Microsoft Word 远程代码执行漏洞Important
Microsoft OfficeCVE-2020-0991Microsoft Office 远程代码执行漏洞Important
Microsoft OfficeCVE-2020-0961Microsoft Office Access Connectivity Engine 远程代码执行漏洞Important
Microsoft OfficeCVE-2020-0984Microsoft (MAU) Office 特权提升漏洞Important
Microsoft Office SharePointCVE-2020-0920Microsoft SharePoint 远程代码执行漏洞Important
Microsoft Office SharePointCVE-2020-0923Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-0924Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-0925Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-0926Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-0927Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-0930Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-0933Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-0954Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-0971Microsoft SharePoint 远程代码执行漏洞Important
Microsoft Office SharePointCVE-2020-0972Microsoft SharePoint 欺骗漏洞Important
Microsoft Office SharePointCVE-2020-0973Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-0975Microsoft SharePoint 欺骗漏洞Important
Microsoft Office SharePointCVE-2020-0976Microsoft SharePoint 欺骗漏洞Important
Microsoft Office SharePointCVE-2020-0977Microsoft SharePoint 欺骗漏洞Important
Microsoft Office SharePointCVE-2020-0978Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft WindowsCVE-2020-0794Windows 拒绝服务漏洞Important
Microsoft WindowsCVE-2020-0944Connected User Experiences and Telemetry Service 特权提升漏洞Important
Microsoft WindowsCVE-2020-1001Windows Push Notification Service 特权提升漏洞Important
Microsoft WindowsCVE-2020-1006Windows Push Notification Service 特权提升漏洞Important
Microsoft WindowsCVE-2020-1029Connected User Experiences and Telemetry Service 特权提升漏洞Important
Microsoft WindowsCVE-2020-0934Windows 特权提升漏洞Important
Microsoft WindowsCVE-2020-0940Windows Push Notification Service 特权提升漏洞Important
Microsoft WindowsCVE-2020-0942Connected User Experiences and Telemetry Service 特权提升漏洞Important
Microsoft WindowsCVE-2020-0981Windows Token 安全功能绕过漏洞Important
Microsoft WindowsCVE-2020-1009Windows 特权提升漏洞Important
Microsoft WindowsCVE-2020-1011Windows 特权提升漏洞Important
Microsoft WindowsCVE-2020-1016Windows Push Notification Service 信息泄露漏洞Important
Microsoft WindowsCVE-2020-1017Windows Push Notification Service 特权提升漏洞Important
Microsoft WindowsCVE-2020-1094Windows Work Folder Service 特权提升漏洞Important
Microsoft Windows DNSCVE-2020-0993Windows DNS 拒绝服务漏洞Important
Open Source SoftwareCVE-2020-1026MSR JavaScript Cryptography Library 安全功能绕过漏洞Important
Remote Desktop ClientCVE-2020-0919Microsoft Remote Desktop App for Mac 特权提升漏洞Important
Visual StudioCVE-2020-0899Microsoft Visual Studio 特权提升漏洞Important
Visual StudioCVE-2020-0900Visual Studio Extension Installer Service 特权提升漏洞Important
Windows DefenderCVE-2020-0835Windows Defender Antimalware Platform Hard Link 特权提升漏洞Important
Windows DefenderCVE-2020-1002Microsoft Defender 特权提升漏洞Important
Windows Hyper-VCVE-2020-0917Windows Hyper-V 特权提升漏洞Important
Windows Hyper-VCVE-2020-0918Windows Hyper-V 特权提升漏洞Important
Windows KernelCVE-2020-0913Windows Kernel 特权提升漏洞Important
Windows KernelCVE-2020-0955Windows Kernel Information Disclosure in CPU Memory AccessImportant
Windows KernelCVE-2020-1000Windows Kernel 特权提升漏洞Important
Windows KernelCVE-2020-1003Windows Kernel 特权提升漏洞Important
Windows KernelCVE-2020-1007Windows Kernel 信息泄露漏洞Important
Windows KernelCVE-2020-1027Windows Kernel 特权提升漏洞Important
Windows KernelCVE-2020-0699Win32k 信息泄露漏洞Important
Windows KernelCVE-2020-0821Windows Kernel 信息泄露漏洞Important
Windows KernelCVE-2020-0888DirectX 特权提升漏洞Important
Windows KernelCVE-2020-0936Windows Scheduled Task 特权提升漏洞Important
Windows KernelCVE-2020-0956Win32k 特权提升漏洞Important
Windows KernelCVE-2020-0957Win32k 特权提升漏洞Important
Windows KernelCVE-2020-0962Win32k 信息泄露漏洞Important
Windows KernelCVE-2020-1015Windows 特权提升漏洞Important
Windows MediaCVE-2020-0945Media Foundation 信息泄露漏洞Important
Windows MediaCVE-2020-0946Media Foundation 信息泄露漏洞Important
Windows MediaCVE-2020-0947Media Foundation 信息泄露漏洞Important
Windows MediaCVE-2020-0937Media Foundation 信息泄露漏洞Important
Windows MediaCVE-2020-0939Media Foundation 信息泄露漏洞Important
Windows Update StackCVE-2020-0985Windows Update Stack 特权提升漏洞Important
Windows Update StackCVE-2020-0996Windows Update Stack 特权提升漏洞Important
Windows Update StackCVE-2020-0983Windows 特权提升漏洞Important
Windows Update StackCVE-2020-1014Microsoft Windows Update Client 特权提升漏洞Important
Microsoft Scripting EngineCVE-2020-0895Windows VBScript Engine 远程代码执行漏洞Low
Microsoft Scripting EngineCVE-2020-0966VBScript 远程代码执行漏洞Low
Microsoft Scripting EngineCVE-2020-0967VBScript 远程代码执行漏洞Moderate

修复建议

微软官方已经发布更新补丁,请及时进行补丁更新。