¡¾Îó²îͨ¸æ¡¿Î¢Èí9Ô¶à¸öÇå¾²Îó²î
Ðû²¼Ê±¼ä 2024-09-11Ò»¡¢Îó²î¸ÅÊö
2024Äê9ÔÂ11ÈÕ£¬£¬£¬¼øºÚµ£±£Íø¼¯ÍÅVSRC¼à²âµ½Î¢ÈíÐû²¼ÁË9ÔÂÇå¾²¸üУ¬£¬£¬±¾´Î¸üй²ÐÞ¸´ÁË79¸öÎó²î£¬£¬£¬Îó²îÀàÐͰüÀ¨ÌØÈ¨ÌáÉýÎó²î¡¢Çå¾²¹¦Ð§ÈƹýÎó²î¡¢Ô¶³Ì´úÂëÖ´ÐÐÎó²î¡¢ÐÅϢй¶Îó²î¡¢¾Ü¾øÐ§ÀÍÎó²îºÍÓÕÆÎó²îµÈ¡£¡£¡£¡£
±¾´ÎÇå¾²¸üÐÂÖаüÀ¨4¸ö±»Æð¾¢Ê¹ÓõÄ0 dayÎó²î£¬£¬£¬ÆäÖÐ1¸öÒѾ¹ûÕæÅû¶£º
CVE-2024-38014£ºWindows Installer ÌØÈ¨ÌáÉýÎó²î
Windows InstallerÖб£´æÈ¨ÏÞÌáÉýÎó²î£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ7.8£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²îµÄÍþвÕ߿ɻñµÃ SYSTEM ȨÏÞ£¬£¬£¬ÏÖÔÚ¸ÃÎó²îÒѼì²âµ½Îó²îʹÓᣡ£¡£¡£
CVE-2024-38217£ºWindows Mark of the WebÇå¾²¹¦Ð§ÈƹýÎó²î
Windows Mark of the WebÖб£´æÇå¾²¹¦Ð§ÈƹýÎó²î£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ5.4£¬£¬£¬ÍþвÕß¿ÉÒÔÔÚÆä¿ØÖÆµÄЧÀÍÆ÷ÉÏÍйÜÒ»¸öÄܹ»Ì Web ±ê¼Ç (MOTW) ·ÀÓùµÄ¶ñÒâÎļþ£¬£¬£¬È»ºóÓÕʹĿµÄÓû§ÏÂÔØ²¢·¿ª¸ÃÎļþ£¬£¬£¬´Ó¶øµ¼ÖÂÇå¾²¹¦Ð§£¨ÈçSmartScreenÓ¦ÓóÌÐòÐÅÓþÇå¾²¼ì²é»ò¾É°æWindows¸½¼þЧÀÍÇå¾²ÌáÐÑ£©Èƹý¡£¡£¡£¡£ÏÖÔÚ¸ÃÎó²îÒѾ¹ûÕæÅû¶£¬£¬£¬ÇÒÒѼì²âµ½Îó²îʹÓᣡ£¡£¡£
CVE-2024-38226£ºMicrosoft Publisher Çå¾²¹¦Ð§ÈƹýÎó²î
Microsoft Publisher±£´æÇå¾²¹¦Ð§ÈƹýÎó²î£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ7.3£¬£¬£¬ÍþвÕß¿Éͨ¹ýÓÕµ¼Êܺ¦ÕßÏÂÔØ²¢·¿ªÌØÖÆÎļþÀ´Ê¹ÓøÃÎó²î£¬£¬£¬ÀÖ³ÉʹÓÿÉÄܵ¼ÖÂÈÆ¹ýÓÃÓÚ×èÖ¹²»ÊÜÐÅÈλò¶ñÒâÎļþµÄOfficeºêÕ½ÂÔ£¬£¬£¬ÏÖÔÚ¸ÃÎó²îÒѼì²âµ½Îó²îʹÓᣡ£¡£¡£
CVE-2024-43491£ºMicrosoft Windows UpdateÔ¶³Ì´úÂëÖ´ÐÐÎó²î
MicrosoftЧÀÍ¿ÍÕ»Öб£´æUse-After-FreeÎó²î£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ9.8£¬£¬£¬¿ÉÄܵ¼Ö»عöÓ°ÏìWindows 10 1507ÉÏ¿ÉÑ¡×é¼þµÄһЩÎó²îµÄÐÞ¸´£¬£¬£¬´Ó¶øµ¼ÖÂÍþвÕß¿ÉÒÔʹÓà Windows 10 °æ±¾1507£¨Windows 10 Enterprise 2015 LTSB ºÍ Windows 10 IoT Enterprise 2015 LTSB£©ÏµÍ³ÉÏÕâЩ֮ǰÒÑÐÞ¸´/»º½âµÄÎó²î£¬£¬£¬ÀÖ³ÉʹÓÿÉÄܵ¼ÖÂÔ¶³Ì´úÂëÖ´ÐУ¬£¬£¬ÏÖÔÚ¸ÃÎó²îÒѼì²âµ½Îó²îʹÓᣡ£¡£¡£ÊÜÓ°ÏìÓû§¿Éͨ¹ý°´Ë³Ðò×°Öà 2024Äê9ÔÂЧÀÍ¿ÍÕ»¸üР(SSU KB5043936) ºÍ2024Äê9ÔÂWindowsÇå¾²¸üР(KB5043083) À´ÐÞ¸´¸ÃЧÀÍ¿ÍÕ»Îó²î¡£¡£¡£¡£
³ýCVE-2024-43491Í⣬£¬£¬±¾´ÎÇå¾²¸üÐÂÖÐÐÞ¸´µÄÆäËû6¸öÑÏÖØÎó²îΪ£º
CVE-2024-43464£ºMicrosoft SharePoint Server Ô¶³Ì´úÂëÖ´ÐÐÎó²î
Microsoft SharePoint ServerÖб£´æ·´ÐòÁл¯Îó²î£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ7.2£¬£¬£¬¾ÓÉÉí·ÝÑéÖ¤ÇÒÓµÓÐÕ¾µãËùÓÐÕßȨÏÞµÄÍþвÕß¿ÉÒÔ½«ÌØÖÆÎļþÉÏ´«µ½Ä¿µÄ SharePoint Server£¬£¬£¬²¢Í¨¹ýÌØÖÆAPI ÇëÇóÒÔ´¥·¢Îļþ²ÎÊýµÄ·´ÐòÁл¯£¬£¬£¬ÀÖ³ÉʹÓÿÉÄܵ¼ÖÂÔÚ SharePoint Server ÉÏÏÂÎÄÖÐʵÏÖÔ¶³Ì´úÂëÖ´ÐУ¬£¬£¬Î¢ÈíµÄ¿ÉʹÓÃÐÔÆÀ¹ÀΪ ¡°±»Ê¹ÓõĿÉÄÜÐԽϸߡ±¡£¡£¡£¡£
CVE-2024-38018£ºMicrosoft SharePoint Server Ô¶³Ì´úÂëÖ´ÐÐÎó²î
Microsoft SharePoint ServerÖб£´æ·´ÐòÁл¯Îó²î£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ8.8£¬£¬£¬¾ÓÉÉí·ÝÑéÖ¤µÄÔ¶³ÌÍþвÕß¿ÉʹÓøÃÎó²îÔÚ SharePoint Server ÉÏʵÏÖÔ¶³Ì´úÂëÖ´ÐУ¬£¬£¬Î¢ÈíµÄ¿ÉʹÓÃÐÔÆÀ¹ÀΪ ¡°±»Ê¹ÓõĿÉÄÜÐԽϸߡ±¡£¡£¡£¡£
CVE-2024-38119£ºWindows Network Address Translation (NAT) Ô¶³Ì´úÂëÖ´ÐÐÎó²î
Windows ÍøÂçµØµãת»» (NAT)±£´æUse-After-FreeÎó²î£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ7.5£¬£¬£¬ÏàÁÚÍøÂçµÄÍþвÕß¿ÉʹÓøÃÎó²îµ¼ÖÂÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¬£¬£¬ÀÖ³ÉÀû¸ÃÎó²îÐèÒªÓ®µÃ¾ºÕùÌõ¼þ£¬£¬£¬Î¢ÈíµÄ¿ÉʹÓÃÐÔÆÀ¹ÀΪ ¡°±»Ê¹ÓõĿÉÄÜÐÔ½ÏС¡±¡£¡£¡£¡£
CVE-2024-38216/ CVE-2024-38220£ºAzure Stack Hub ÌØÈ¨ÌáÉýÎó²î
CVE-2024-38194£ºAzure Web Apps ÌØÈ¨ÌáÉýÎó²î
³ýCVE-2024-43464ºÍCVE-2024-38018Í⣬£¬£¬Î¢ÈíµÄ¿ÉʹÓÃÐÔÆÀ¹ÀÖÐÆäËû ¡°±»Ê¹ÓõĿÉÄÜÐԽϸߡ±µÄÎó²î»¹°üÀ¨£º
l CVE-2024-38227£ºMicrosoft SharePoint Server Ô¶³Ì´úÂëÖ´ÐÐÎó²î
l CVE-2024-38228£ºMicrosoft SharePoint Server Ô¶³Ì´úÂëÖ´ÐÐÎó²î
l CVE-2024-38237£ºKernel Streaming WOW Thunk Service DriverÌØÈ¨ÌáÉýÎó²î
l CVE-2024-38238£ºKernel Streaming Service DriverÌØÈ¨ÌáÉýÎó²î
l CVE-2024-38241£ºKernel Streaming Service DriverÌØÈ¨ÌáÉýÎó²î
l CVE-2024-38242£ºKernel Streaming Service DriverÌØÈ¨ÌáÉýÎó²î
l CVE-2024-38243£ºKernel Streaming Service DriverÌØÈ¨ÌáÉýÎó²î
l CVE-2024-38244£ºKernel Streaming Service DriverÌØÈ¨ÌáÉýÎó²î
l CVE-2024-38245£ºKernel Streaming Service DriverÌØÈ¨ÌáÉýÎó²î
l CVE-2024-38246£ºWin32kÌØÈ¨ÌáÉýÎó²î
l CVE-2024-38247£ºWindows Graphics ComponentÌØÈ¨ÌáÉýÎó²î
l CVE-2024-38249£ºWindows Graphics ComponentÌØÈ¨ÌáÉýÎó²î
l CVE-2024-38252£ºWindows Win32 Kernel SubsystemÌØÈ¨ÌáÉýÎó²î
l CVE-2024-38253£ºWindows Win32 Kernel SubsystemÌØÈ¨ÌáÉýÎó²î
l CVE-2024-43457£ºWindows Setup and DeploymentÌØÈ¨ÌáÉýÎó²î
l CVE-2024-43461£ºWindows MSHTML PlatformÓÕÆÎó²î
l CVE-2024-43487£ºWindows Mark of the Web Çå¾²¹¦Ð§ÈƹýÎó²î
΢Èí9Ô¸üÐÂÐÞ¸´µÄÎó²îÁбíÈçÏ£º
CVE-ID | CVE ÎÊÌâ | ÑÏÖØÐÔ |
CVE-2024-38216 | Azure Stack Hub ÌØÈ¨ÌáÉýÎó²î | ÑÏÖØ |
CVE-2024-38220 | Azure Stack Hub ÌØÈ¨ÌáÉýÎó²î | ÑÏÖØ |
CVE-2024-38194 | Azure Web Apps ÌØÈ¨ÌáÉýÎó²î | ÑÏÖØ |
CVE-2024-43464 | Microsoft SharePoint Server Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ÑÏÖØ |
CVE-2024-38018 | Microsoft SharePoint Server Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ÑÏÖØ |
CVE-2024-38119 | Windows Network Address Translation (NAT) Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ÑÏÖØ |
CVE-2024-43491 | Microsoft Windows Update Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ÑÏÖØ |
CVE-2024-43469 | Azure CycleCloud Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-38188 | Azure Network Watcher VM Agent ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-43470 | Azure Network Watcher VM Agent ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38225 | Microsoft Dynamics 365 Business Central ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-43492 | Microsoft AutoUpdate (MAU) ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-43476 | Microsoft Dynamics 365 (on-premises) ¿çÕ¾¾ç±¾Îó²î | ¸ßΣ |
CVE-2024-38247 | Windows Graphics Component ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38250 | Windows Graphics Component ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38249 | Windows Graphics Component ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38259 | Microsoft Management Console Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-43465 | Microsoft Excel ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38226 | Microsoft Publisher Çå¾²¹¦Ð§ÈƹýÎó²î | ¸ßΣ |
CVE-2024-38227 | Microsoft SharePoint Server Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-38228 | Microsoft SharePoint Server Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-43466 | Microsoft SharePoint Server ¾Ü¾øÐ§ÀÍÎó²î | ¸ßΣ |
CVE-2024-43463 | Microsoft Office Visio Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-43482 | Microsoft Outlook for iOS ÐÅϢй¶Îó²î | ¸ßΣ |
CVE-2024-38245 | Kernel Streaming Service Driver ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38241 | Kernel Streaming Service Driver ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38242 | Kernel Streaming Service Driver ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38244 | Kernel Streaming Service Driver ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38243 | Kernel Streaming Service Driver ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38237 | Kernel Streaming WOW Thunk Service Driver ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38238 | Kernel Streaming Service Driver ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-43479 | Microsoft Power Automate Desktop Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-38235 | Windows Hyper-V ¾Ü¾øÐ§ÀÍÎó²î | ¸ßΣ |
CVE-2024-37338 | Microsoft SQL Server Native Scoring Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-37980 | Microsoft SQL Server ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-26191 | Microsoft SQL Server Native Scoring Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-37339 | Microsoft SQL Server Native Scoring Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-37337 | Microsoft SQL Server Native Scoring ÐÅϢй¶Îó²î | ¸ßΣ |
CVE-2024-26186 | Microsoft SQL Server Native Scoring Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-37342 | Microsoft SQL Server Native Scoring ÐÅϢй¶Îó²î | ¸ßΣ |
CVE-2024-43474 | Microsoft SQL Server ÐÅϢй¶Îó²î | ¸ßΣ |
CVE-2024-37335 | Microsoft SQL Server Native Scoring Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-37966 | Microsoft SQL Server Native Scoring ÐÅϢй¶Îó²î | ¸ßΣ |
CVE-2024-37340 | Microsoft SQL Server Native Scoring Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-37965 | Microsoft SQL Server ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-37341 | Microsoft SQL Server ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-43475 | Microsoft Windows Admin Center ÐÅϢй¶Îó²î | ¸ßΣ |
CVE-2024-38257 | Microsoft AllJoyn API ÐÅϢй¶Îó²î | ¸ßΣ |
CVE-2024-38254 | Windows Authentication ÐÅϢй¶Îó²î | ¸ßΣ |
CVE-2024-38236 | DHCP Server Service ¾Ü¾øÐ§ÀÍÎó²î | ¸ßΣ |
CVE-2024-38014 | Windows Installer ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38239 | Windows Kerberos ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38256 | Windows Kernel-Mode Driver ÐÅϢй¶Îó²î | ¸ßΣ |
CVE-2024-43495 | Windows libarchive Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-38217 | Windows Mark of the Web Çå¾²¹¦Ð§ÈƹýÎó²î | ¸ßΣ |
CVE-2024-43461 | Windows MSHTML Platform ÓÕÆÎó²î | ¸ßΣ |
CVE-2024-38232 | Windows Networking ¾Ü¾øÐ§ÀÍÎó²î | ¸ßΣ |
CVE-2024-38233 | Windows Networking ¾Ü¾øÐ§ÀÍÎó²î | ¸ßΣ |
CVE-2024-38234 | Windows Networking ¾Ü¾øÐ§ÀÍÎó²î | ¸ßΣ |
CVE-2024-43458 | Windows Networking ÐÅϢй¶Îó²î | ¸ßΣ |
CVE-2024-38046 | PowerShell ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38240 | Windows Remote Access Connection Manager ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38231 | Windows Remote Desktop Licensing Service ¾Ü¾øÐ§ÀÍÎó²î | ¸ßΣ |
CVE-2024-38258 | Windows Remote Desktop Licensing Service ÐÅϢй¶Îó²î | ¸ßΣ |
CVE-2024-43467 | Windows Remote Desktop Licensing Service Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-43454 | Windows Remote Desktop Licensing Service Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-38263 | Windows Remote Desktop Licensing Service Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-38260 | Windows Remote Desktop Licensing Service Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-43455 | Windows Remote Desktop Licensing Service ÓÕÆÎó²î | ¸ßΣ |
CVE-2024-30073 | Windows Security Zone Mapping Çå¾²¹¦Ð§ÈƹýÎó²î | ¸ßΣ |
CVE-2024-43457 | Windows Setup and Deployment ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38230 | Windows Standards-Based Storage Management ¾Ü¾øÐ§ÀÍÎó²î | ¸ßΣ |
CVE-2024-38248 | Windows Storage ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-21416 | Windows TCP/IP Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-38045 | Windows TCP/IP Ô¶³Ì´úÂëÖ´ÐÐÎó²î | ¸ßΣ |
CVE-2024-38246 | Win32k ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38252 | Windows Win32 Kernel Subsystem ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-38253 | Windows Win33 Kernel Subsystem ÌØÈ¨ÌáÉýÎó²î | ¸ßΣ |
CVE-2024-43487 | Windows Mark of the Web Çå¾²¹¦Ð§ÈƹýÎó²î | ÖÐΣ |
¶þ¡¢Ó°Ïì¹æÄ£
ÊÜÓ°ÏìµÄ²úÆ·/¹¦Ð§/ЧÀÍ/×é¼þ°üÀ¨£º
Windows TCP/IP
SQL Server
Windows Security Zone Mapping
Windows Installer
Microsoft Office SharePoint
Windows PowerShell
Windows Network Address Translation (NAT)
Azure Network Watcher
Azure Web Apps
Azure Stack
Windows Mark of the Web (MOTW)
Dynamics Business Central
Microsoft Office Publisher
Windows Standards-Based Storage Management Service
Windows Remote Desktop Licensing Service
Windows Network Virtualization
Role: Windows Hyper-V
Windows DHCP Server
Microsoft Streaming Service
Windows Kerberos
Windows Remote Access Connection Manager
Windows Win32K - GRFX
Microsoft Graphics Component
Windows Storage
Windows Win32K - ICOMP
Windows Authentication Methods
Windows Kernel-Mode Drivers
Windows AllJoyn API
Microsoft Management Console
Windows Setup and Deployment
Windows MSHTML Platform
Microsoft Office Visio
Microsoft Office Excel
Azure CycleCloud
Windows Admin Center
Microsoft Dynamics 365 (on-premises)
Power Automate
Microsoft Outlook for iOS
Windows Update
Microsoft AutoUpdate (MAU)
Windows Libarchive
Èý¡¢Çå¾²²½·¥
3.1 Éý¼¶°æ±¾
ÏÖÔÚ΢ÈíÒÑÐû²¼Ïà¹ØÇå¾²¸üУ¬£¬£¬½¨ÒéÊÜÓ°ÏìµÄÓû§¾¡¿ìÐÞ¸´¡£¡£¡£¡£
£¨Ò»£© Windows Update×Ô¶¯¸üÐÂ
Microsoft UpdateĬÈÏÆôÓ㬣¬£¬µ±ÏµÍ³¼ì²âµ½¿ÉÓøüÐÂʱ£¬£¬£¬½«»á×Ô¶¯ÏÂÔØ¸üв¢ÔÚÏÂÒ»´ÎÆô¶¯Ê±×°Öᣡ£¡£¡£Ò²¿ÉÑ¡Ôñͨ¹ýÒÔϰ취ÊÖ¶¯¾ÙÐиüУº
1¡¢µã»÷¡°×îÏȲ˵¥¡±»ò°´Windows¿ì½Ý¼ü£¬£¬£¬µã»÷½øÈë¡°ÉèÖá±
2¡¢Ñ¡Ôñ¡°¸üкÍÇå¾²¡±£¬£¬£¬½øÈë¡°Windows¸üС±£¨Windows 8¡¢Windows 8.1¡¢Windows Server 2012ÒÔ¼°Windows Server 2012 R2¿Éͨ¹ý¿ØÖÆÃæ°å½øÈë¡°Windows¸üС±£¬£¬£¬Ïêϸ°ì·¨Îª¡°¿ØÖÆÃæ°å¡±->¡°ÏµÍ³ºÍÇå¾²¡±->¡°Windows¸üС±£©
3¡¢Ñ¡Ôñ¡°¼ì²é¸üС±£¬£¬£¬ÆÚ´ýϵͳ×Ô¶¯¼ì²é²¢ÏÂÔØ¿ÉÓøüС£¡£¡£¡£
4¡¢¸üÐÂÍê³ÉºóÖØÆôÅÌËã»ú£¬£¬£¬¿Éͨ¹ý½øÈë¡°Windows¸üС±->¡°Éó²é¸üÐÂÀúÊ·¼Í¼¡±Éó²éÊÇ·ñÀÖ³É×°ÖÃÁ˸üС£¡£¡£¡£¹ØÓÚûÓÐÀÖ³É×°ÖõĸüУ¬£¬£¬¿ÉÒÔµã»÷¸Ã¸üÐÂÃû³Æ½øÈë΢Èí¹Ù·½¸üÐÂÐÎòÁ´½Ó£¬£¬£¬µã»÷×îеÄSSUÃû³Æ²¢ÔÚÐÂÁ´½ÓÖеã»÷¡°Microsoft ¸üÐÂĿ¼¡±£¬£¬£¬È»ºóÔÚÐÂÁ´½ÓÖÐÑ¡ÔñÊÊÓÃÓÚÄ¿µÄϵͳµÄ²¹¶¡¾ÙÐÐÏÂÔØ²¢×°Öᣡ£¡£¡£
£¨¶þ£© ÊÖ¶¯×°ÖøüÐÂ
Microsoft¹Ù·½ÏÂÔØÏìÓ¦²¹¶¡¾ÙÐиüС£¡£¡£¡£
2024Äê9ÔÂÇå¾²¸üÐÂÏÂÔØÁ´½Ó£º
https://msrc.microsoft.com/update-guide/releaseNote/2024-Sep
²¹¶¡ÏÂÔØÊ¾Àý£¨²Î¿¼£©£º
1.·¿ªÉÏÊöÏÂÔØÁ´½Ó£¬£¬£¬µã»÷Îó²îÁбíÖÐÒªÐÞ¸´µÄCVEÁ´½Ó¡£¡£¡£¡£
Àý1£ºÎ¢ÈíÎó²îÁÐ±í£¨Ê¾Àý£©
2.ÔÚ΢Èíͨ¸æÒ³Ãæµ×²¿×ó²à¡¾²úÆ·¡¿ÁÐÑ¡ÔñÏìÓ¦µÄϵͳÀàÐÍ£¬£¬£¬µã»÷ÓҲࡾÏÂÔØ¡¿Áз¿ª²¹¶¡ÏÂÔØÁ´½Ó¡£¡£¡£¡£
Àý2£ºCVE-2022-21989²¹¶¡ÏÂÔØÊ¾Àý
3.µã»÷¡¾Çå¾²¸üС¿£¬£¬£¬·¿ª²¹¶¡ÏÂÔØÒ³Ãæ£¬£¬£¬ÏÂÔØÏìÓ¦²¹¶¡²¢¾ÙÐÐ×°Öᣡ£¡£¡£
Àý3£º²¹¶¡ÏÂÔØ½çÃæ
4.×°ÖÃÍê³ÉºóÖØÆôÅÌËã»ú¡£¡£¡£¡£
3.2 ÔÝʱ²½·¥
ÔÝÎÞ¡£¡£¡£¡£
3.3 ͨÓý¨Òé
l °´ÆÚ¸üÐÂϵͳ²¹¶¡£¬£¬£¬ïÔÌϵͳÎó²î£¬£¬£¬ÌáÉýЧÀÍÆ÷µÄÇå¾²ÐÔ¡£¡£¡£¡£
l ÔöǿϵͳºÍÍøÂçµÄ»á¼û¿ØÖÆ£¬£¬£¬Ð޸ķÀ»ðǽսÂÔ£¬£¬£¬¹Ø±Õ·ÇÐëÒªµÄÓ¦Óö˿ڻòЧÀÍ£¬£¬£¬ïÔ̽«Î£ÏÕЧÀÍ£¨ÈçSSH¡¢RDPµÈ£©Ì»Â¶µ½¹«Íø£¬£¬£¬ïÔ̹¥»÷Ãæ¡£¡£¡£¡£
l ʹÓÃÆóÒµ¼¶Çå¾²²úÆ·£¬£¬£¬ÌáÉýÆóÒµµÄÍøÂçÇå¾²ÐÔÄÜ¡£¡£¡£¡£
l ÔöǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬£¬£¬ÆôÓöàÒòËØÈÏÖ¤»úÖÆºÍ×îСȨÏÞÔÔò£¬£¬£¬Óû§ºÍÈí¼þȨÏÞÓ¦¼á³ÖÔÚ×îµÍÏÞ¶È¡£¡£¡£¡£
l ÆôÓÃÇ¿ÃÜÂëÕ½ÂÔ²¢ÉèÖÃΪ°´ÆÚÐ޸ġ£¡£¡£¡£
3.4 ²Î¿¼Á´½Ó
https://msrc.microsoft.com/update-guide/releaseNote/2024-Sep
https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2024-43491
ËÄ¡¢°æ±¾ÐÅÏ¢
°æ±¾ | ÈÕÆÚ | ±¸×¢ |
V1.0 | 2024-09-11 | Ê×´ÎÐû²¼ |
Îå¡¢¸½Â¼
5.1 ¼øºÚµ£±£Íø¼ò½é
¼øºÚµ£±£Íø½¨ÉèÓÚ1996Ä꣬£¬£¬ÊÇÓÉÁôÃÀ²©Ê¿ÑÏÍû¼ÑŮʿ½¨ÉèµÄ¡¢ÓµÓÐÍêÈ«×ÔÖ÷֪ʶ²úȨµÄÐÅÏ¢Çå¾²¸ß¿Æ¼¼ÆóÒµ¡£¡£¡£¡£ÊǺ£ÄÚ×î¾ßʵÁ¦µÄÐÅÏ¢Çå¾²²úÆ·¡¢Ç徲ЧÀͽâ¾ö¼Æ»®µÄÁ캽ÆóÒµÖ®Ò»¡£¡£¡£¡£
¹«Ë¾×ܲ¿Î»ÓÚ±±¾©ÊÐÖйشåÈí¼þÔ°¼øºÚµ£±£Íø´óÏ㬣¬£¬¹«Ë¾Ô±¹¤6000ÓàÈË£¬£¬£¬Ñз¢ÍŶÓ1200ÓàÈË, ÊÖÒÕЧÀÍÍŶÓ1300ÓàÈË¡£¡£¡£¡£ÔÚÌìϸ÷Ê¡¡¢ÊС¢×ÔÖÎÇøÉèÁ¢·ÖÖ§»ú¹¹ÁùÊ®¶à¸ö£¬£¬£¬ÓµÓÐÁýÕÖÌìϵÄÏúÊÛϵͳ¡¢ÇþµÀϵͳºÍÊÖÒÕÖ§³Öϵͳ¡£¡£¡£¡£¹«Ë¾ÓÚ2010Äê6ÔÂ23ÈÕÔÚÉîÛÚÖÐС°å¹ÒÅÆÉÏÊС£¡£¡£¡££¨¹ÉƱ´úÂ룺002439£©
¶àÄêÀ´£¬£¬£¬¼øºÚµ£±£ÍøÖÂÁ¦ÓÚÌṩ¾ßÓйú¼Ê¾ºÕùÁ¦µÄ×ÔÖ÷Á¢ÒìµÄÇå¾²²úÆ·ºÍ×î¼Ñʵ¼ùЧÀÍ£¬£¬£¬×ÊÖú¿Í»§ÖÜÈ«ÌáÉýÆäIT»ù´¡ÉèÊ©µÄÇå¾²ÐÔºÍÉú²úЧÄÜ£¬£¬£¬Îª´òÔìºÍÌáÉý¹ú¼Ê»¯µÄÃñ×åÐÅÏ¢Çå¾²¹¤ÒµÁì¾üÆ·ÅÆ¶ø²»Ð¸Æð¾¢¡£¡£¡£¡£
5.2 ¹ØÓÚ¼øºÚµ£±£Íø
¼øºÚµ£±£ÍøÇå¾²Ó¦¼±ÏìÓ¦ÖÐÐÄÒÑÐû²¼1000¶à¸öÎó²îͨ¸æºÍΣº¦Ô¤¾¯£¬£¬£¬ÎÒÃǽ«Ò»Á¬¸ú×ÙÈ«Çò×îеÄÍøÂçÇå¾²ÊÂÎñºÍÎó²î£¬£¬£¬ÎªÆóÒµµÄÐÅÏ¢Çå¾²±£¼Ý»¤º½¡£¡£¡£¡£
¹Ø×¢ÎÒÃÇ£º