【威胁通告】微软发布8月补丁修复95个安全问题

阅读： 0

微软于周二发布了8月安全更新补丁，修复了95个从简单的欺骗攻击到远程执行代码的安全问题

综述

微软于周二发布了8月安全更新补丁，修复了95个从简单的欺骗攻击到远程执行代码的安全问题，产品涉及Active Directory、HTTP/2、Microsoft Bluetooth Driver、Microsoft Browsers、Microsoft Dynamics、Microsoft Edge、Microsoft Graphics Component、Microsoft JET Database Engine、Microsoft Malware Protection Engine、Microsoft NTFS、Microsoft Office、Microsoft Office SharePoint、Microsoft Scripting Engine、Microsoft Windows、Microsoft XML、Microsoft XML Core Services、Online Services、Visual Studio、Windows – Linux、Windows DHCP Client、Windows DHCP Server、Windows Hyper-V、Windows Kernel、Windows RDP、Windows Scripting、Windows Shell以及Windows SymCrypt。

相关信息如下：

产品	CVE 编号	CVE 标题	严重程度
Active Directory	ADV190023	Microsoft Guidance for Enabling LDAP Channel Binding and LDAP Signing
HTTP/2	CVE-2019-9511	HTTP/2 Server 拒绝服务漏洞	Important
HTTP/2	CVE-2019-9512	HTTP/2 Server 拒绝服务漏洞	Important
HTTP/2	CVE-2019-9513	HTTP/2 Server 拒绝服务漏洞	Important
HTTP/2	CVE-2019-9514	HTTP/2 Server 拒绝服务漏洞	Important
HTTP/2	CVE-2019-9518	HTTP/2 Server 拒绝服务漏洞	Important
Microsoft Bluetooth Driver	CVE-2019-9506	Encryption Key Negotiation of Bluetooth Vulnerability	Important
Microsoft Browsers	CVE-2019-1192	Microsoft Browsers 安全功能绕过漏洞	Important
Microsoft Browsers	CVE-2019-1193	Microsoft Browser 内存破坏漏洞	Low
Microsoft Dynamics	CVE-2019-1229	Dynamics On-Premise 特权提升漏洞	Important
Microsoft Edge	CVE-2019-1030	Microsoft Edge 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1078	Microsoft Graphics Component 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1143	Windows Graphics Component 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1144	Microsoft Graphics 远程代码执行漏洞	Critical
Microsoft Graphics Component	CVE-2019-1145	Microsoft Graphics 远程代码执行漏洞	Critical
Microsoft Graphics Component	CVE-2019-1148	Microsoft Graphics Component 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1149	Microsoft Graphics 远程代码执行漏洞	Critical
Microsoft Graphics Component	CVE-2019-1150	Microsoft Graphics 远程代码执行漏洞	Critical
Microsoft Graphics Component	CVE-2019-1151	Microsoft Graphics 远程代码执行漏洞	Critical
Microsoft Graphics Component	CVE-2019-1152	Microsoft Graphics 远程代码执行漏洞	Critical
Microsoft Graphics Component	CVE-2019-1153	Microsoft Graphics Component 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1154	Windows Graphics Component 信息泄露漏洞	Important
Microsoft Graphics Component	CVE-2019-1158	Windows Graphics Component 信息泄露漏洞	Important
Microsoft JET Database Engine	CVE-2019-1146	Jet Database Engine 远程代码执行漏洞	Important
Microsoft JET Database Engine	CVE-2019-1147	Jet Database Engine 远程代码执行漏洞	Important
Microsoft JET Database Engine	CVE-2019-1155	Jet Database Engine 远程代码执行漏洞	Important
Microsoft JET Database Engine	CVE-2019-1156	Jet Database Engine 远程代码执行漏洞	Important
Microsoft JET Database Engine	CVE-2019-1157	Jet Database Engine 远程代码执行漏洞	Important
Microsoft Malware Protection Engine	CVE-2019-1161	Microsoft Defender 特权提升漏洞	Important
Microsoft NTFS	CVE-2019-1170	Windows NTFS 特权提升漏洞	Important
Microsoft Office	CVE-2019-1199	Microsoft Outlook 内存破坏漏洞	Critical
Microsoft Office	CVE-2019-1200	Microsoft Outlook 远程代码执行漏洞	Critical
Microsoft Office	CVE-2019-1201	Microsoft Word 远程代码执行漏洞	Critical
Microsoft Office	CVE-2019-1204	Microsoft Outlook 特权提升漏洞	Important
Microsoft Office	CVE-2019-1205	Microsoft Word 远程代码执行漏洞	Critical
Microsoft Office	CVE-2019-1218	Outlook iOS 欺骗漏洞	Important
Microsoft Office SharePoint	CVE-2019-1202	Microsoft SharePoint 信息泄露漏洞	Important
Microsoft Office SharePoint	CVE-2019-1203	Microsoft Office SharePoint XSS Vulnerability	Important
Microsoft Scripting Engine	CVE-2019-1131	Chakra Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1133	Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1139	Chakra Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1140	Chakra Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1141	Chakra Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1194	Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1195	Chakra Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1196	Chakra Scripting Engine 内存破坏漏洞	Critical
Microsoft Scripting Engine	CVE-2019-1197	Chakra Scripting Engine 内存破坏漏洞	Critical
Microsoft Windows	CVE-2019-1172	Windows 信息泄露漏洞	Important
Microsoft Windows	CVE-2019-1173	Windows 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1174	Windows 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1175	Windows 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1178	Windows 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1179	Windows 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1180	Windows 特权提升漏洞	Important
Microsoft Windows	CVE-2019-0716	Windows 拒绝服务漏洞	Important
Microsoft Windows	CVE-2019-1162	Windows ALPC 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1163	Windows File Signature 安全功能绕过漏洞	Important
Microsoft Windows	CVE-2019-1168	Microsoft Windows p2pimsvc 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1176	DirectX 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1177	Windows 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1186	Windows 特权提升漏洞	Important
Microsoft Windows	CVE-2019-1188	LNK 远程代码执行漏洞	Critical
Microsoft Windows	CVE-2019-1198	Microsoft Windows 特权提升漏洞	Important
Microsoft XML	CVE-2019-1187	XmlLite Runtime 拒绝服务漏洞	Important
Microsoft XML Core Services	CVE-2019-1057	MS XML 远程代码执行漏洞	Important
Online Services	ADV190014	Microsoft Live Accounts 特权提升漏洞	Important
Visual Studio	CVE-2019-1211	Git for Visual Studio 特权提升漏洞	Important
Windows – Linux	CVE-2019-1185	Windows Subsystem for Linux 特权提升漏洞	Important
Windows DHCP Client	CVE-2019-0736	Windows DHCP Client 远程代码执行漏洞	Critical
Windows DHCP Server	CVE-2019-1206	Windows DHCP Server 拒绝服务漏洞	Important
Windows DHCP Server	CVE-2019-1212	Windows DHCP Server 拒绝服务漏洞	Important
Windows DHCP Server	CVE-2019-1213	Windows DHCP Server 远程代码执行漏洞	Critical
Windows Hyper-V	CVE-2019-0965	Windows Hyper-V 远程代码执行漏洞	Critical
Windows Hyper-V	CVE-2019-0714	Windows Hyper-V 拒绝服务漏洞	Important
Windows Hyper-V	CVE-2019-0715	Windows Hyper-V 拒绝服务漏洞	Important
Windows Hyper-V	CVE-2019-0717	Windows Hyper-V 拒绝服务漏洞	Important
Windows Hyper-V	CVE-2019-0718	Windows Hyper-V 拒绝服务漏洞	Important
Windows Hyper-V	CVE-2019-0720	Hyper-V 远程代码执行漏洞	Critical
Windows Hyper-V	CVE-2019-0723	Windows Hyper-V 拒绝服务漏洞	Important
Windows Kernel	CVE-2019-1159	Windows Kernel 特权提升漏洞	Important
Windows Kernel	CVE-2019-1164	Windows Kernel 特权提升漏洞	Important
Windows Kernel	CVE-2019-1169	Win32k 特权提升漏洞	Important
Windows Kernel	CVE-2019-1190	Windows Image 特权提升漏洞	Important
Windows Kernel	CVE-2019-1227	Windows Kernel 信息泄露漏洞	Important
Windows Kernel	CVE-2019-1228	Windows Kernel 信息泄露漏洞	Important
Windows RDP	CVE-2019-1181	Remote Desktop Services 远程代码执行漏洞	Critical
Windows RDP	CVE-2019-1182	Remote Desktop Services 远程代码执行漏洞	Critical
Windows RDP	CVE-2019-1222	Remote Desktop Services 远程代码执行漏洞	Critical
Windows RDP	CVE-2019-1223	Windows Remote Desktop Protocol (RDP) 拒绝服务漏洞	Important
Windows RDP	CVE-2019-1224	Remote Desktop Protocol Server 信息泄露漏洞	Important
Windows RDP	CVE-2019-1225	Remote Desktop Protocol Server 信息泄露漏洞	Important
Windows RDP	CVE-2019-1226	Remote Desktop Services 远程代码执行漏洞	Critical
Windows Scripting	CVE-2019-1183	Windows VBScript Engine 远程代码执行漏洞	Critical
Windows Shell	CVE-2019-1184	Windows 特权提升漏洞	Important
Windows SymCrypt	CVE-2019-1171	SymCrypt 信息泄露漏洞	Important

修复建议

微软官方已经发布更新补丁，请及时进行补丁更新。