阅读: 3

微软于周二发布了7月安全更新补丁,修复了79个从简单的欺骗攻击到远程执行代码的安全问题

综述

微软于周二发布了7月安全更新补丁,修复了79个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及.NET Framework、ASP.NET、Azure、Azure DevOps、Internet Explorer、Microsoft Browsers、Microsoft Exchange Server、Microsoft Graphics Component、Microsoft Office、Microsoft Office SharePoint、Microsoft Scripting Engine、Microsoft Windows、Microsoft Windows DNS、Open Source Software、Servicing Stack Updates、SQL Server、Visual Studio、Windows Kernel、Windows Media、Windows RDP以及Windows Shell。

相关信息如下:

产品 CVE 编号 CVE 标题 严重程度
.NET Framework CVE-2019-1113 .NET Framework 远程代码执行漏洞 Critical
.NET Framework CVE-2019-1006 WCF/WIF SAML Token Authentication Bypass Vulnerability Important
.NET Framework CVE-2019-1083 .NET 拒绝服务漏洞 Important
ASP.NET CVE-2019-1075 ASP.NET Core 欺骗漏洞 Moderate
Azure CVE-2019-0962 Azure Automation 特权提升漏洞 Important
Azure DevOps CVE-2019-1072 Azure DevOps Server and Team Foundation Server 远程代码执行漏洞 Critical
Azure DevOps CVE-2019-1076 Team Foundation Server Cross-site Scripting Vulnerability Important
Internet Explorer CVE-2019-1063 Internet Explorer 内存破坏漏洞 Critical
Microsoft Browsers CVE-2019-1104 Microsoft Browser 内存破坏漏洞 Critical
Microsoft Exchange Server CVE-2019-1136 Microsoft Exchange Server 特权提升漏洞 Important
Microsoft Exchange Server CVE-2019-1137 Microsoft Exchange Server 欺骗漏洞 Important
Microsoft Exchange Server ADV190021 Outlook on the web 跨站脚本漏洞 Important
Microsoft Graphics Component CVE-2019-1093 DirectWrite 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-1094 Windows GDI 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-1095 Windows GDI 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-1096 Win32k 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-1097 DirectWrite 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-1098 Windows GDI 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-1100 Windows GDI 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-1101 Windows GDI 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-1102 GDI+ 远程代码执行漏洞 Critical
Microsoft Graphics Component CVE-2019-1116 Windows GDI 信息泄露漏洞 Important
Microsoft Graphics Component CVE-2019-1117 DirectWrite 远程代码执行漏洞 Important
Microsoft Graphics Component CVE-2019-1118 DirectWrite 远程代码执行漏洞 Important
Microsoft Graphics Component CVE-2019-1119 DirectWrite 远程代码执行漏洞 Important
Microsoft Graphics Component CVE-2019-1120 DirectWrite 远程代码执行漏洞 Important
Microsoft Graphics Component CVE-2019-1121 DirectWrite 远程代码执行漏洞 Important
Microsoft Graphics Component CVE-2019-1122 DirectWrite 远程代码执行漏洞 Important
Microsoft Graphics Component CVE-2019-1123 DirectWrite 远程代码执行漏洞 Important
Microsoft Graphics Component CVE-2019-1124 DirectWrite 远程代码执行漏洞 Important
Microsoft Graphics Component CVE-2019-1127 DirectWrite 远程代码执行漏洞 Important
Microsoft Graphics Component CVE-2019-1128 DirectWrite 远程代码执行漏洞 Important
Microsoft Graphics Component CVE-2019-0999 DirectX 特权提升漏洞 Important
Microsoft Office CVE-2019-1109 Microsoft Office 欺骗漏洞 Important
Microsoft Office CVE-2019-1110 Microsoft Excel 远程代码执行漏洞 Important
Microsoft Office CVE-2019-1111 Microsoft Excel 远程代码执行漏洞 Important
Microsoft Office CVE-2019-1112 Microsoft Excel 信息泄露漏洞 Important
Microsoft Office CVE-2019-1084 Microsoft Exchange 信息泄露漏洞 Important
Microsoft Office SharePoint CVE-2019-1134 Microsoft Office SharePoint XSS Vulnerability Important
Microsoft Scripting Engine CVE-2019-1056 Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-1059 Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-1062 Chakra Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-1092 Chakra Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-1103 Chakra Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-1106 Chakra Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-1107 Chakra Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-1001 Scripting Engine 内存破坏漏洞 Critical
Microsoft Scripting Engine CVE-2019-1004 Scripting Engine 内存破坏漏洞 Critical
Microsoft Windows CVE-2019-0865 SymCrypt 拒绝服务漏洞 Important
Microsoft Windows CVE-2019-0887 Remote Desktop Services 远程代码执行漏洞 Important
Microsoft Windows CVE-2019-0966 Windows Hyper-V 拒绝服务漏洞 Important
Microsoft Windows CVE-2019-0975 ADFS 安全功能绕过漏洞 Important
Microsoft Windows CVE-2019-1126 ADFS 安全功能绕过漏洞 Important
Microsoft Windows CVE-2019-0785 Windows DHCP Server 远程代码执行漏洞 Critical
Microsoft Windows CVE-2019-0880 Microsoft splwow64 特权提升漏洞 Important
Microsoft Windows CVE-2019-1037 Windows Error Reporting 特权提升漏洞 Important
Microsoft Windows CVE-2019-1067 Windows Kernel 特权提升漏洞 Important
Microsoft Windows CVE-2019-1074 Microsoft Windows 特权提升漏洞 Important
Microsoft Windows CVE-2019-1082 Microsoft Windows 特权提升漏洞 Important
Microsoft Windows CVE-2019-1091 Microsoft unistore.dll 信息泄露漏洞 Important
Microsoft Windows CVE-2019-1129 Windows 特权提升漏洞 Important
Microsoft Windows CVE-2019-1130 Windows 特权提升漏洞 Important
Microsoft Windows DNS CVE-2019-0811 Windows DNS Server 拒绝服务漏洞 Important
Microsoft Windows DNS CVE-2019-1090 Windows dnsrlvr.dll 特权提升漏洞 Important
Open Source Software CVE-2018-15664 Docker 特权提升漏洞 Important
Servicing Stack Updates ADV990001 Latest Servicing Stack Updates Critical
SQL Server CVE-2019-1068 Microsoft SQL Server 远程代码执行漏洞 Important
Visual Studio CVE-2019-1077 Visual Studio 特权提升漏洞 Important
Visual Studio CVE-2019-1079 Visual Studio 信息泄露漏洞 Important
Windows Kernel CVE-2019-1071 Windows Kernel 信息泄露漏洞 Important
Windows Kernel CVE-2019-1073 Windows Kernel 信息泄露漏洞 Important
Windows Kernel CVE-2019-1089 Windows RPCSS 特权提升漏洞 Important
Windows Kernel CVE-2019-1132 Win32k 特权提升漏洞 Important
Windows Media CVE-2019-1085 Windows WLAN Service 特权提升漏洞 Important
Windows Media CVE-2019-1086 Windows Audio Service 特权提升漏洞 Important
Windows Media CVE-2019-1087 Windows Audio Service 特权提升漏洞 Important
Windows Media CVE-2019-1088 Windows Audio Service 特权提升漏洞 Important
Windows RDP CVE-2019-1108 Remote Desktop Protocol Client 信息泄露漏洞 Important
Windows Shell CVE-2019-1099 Windows GDI 信息泄露漏洞 Important

修复建议

微软官方已经发布更新补丁,请及时进行补丁更新。

附件下载

微软发布7月补丁修复79个安全问题