近日,CNNVD通报微软官方发布的多个安全漏洞,其中微软产品本身漏洞139个,影响到微软产品的其他厂商漏洞0个。包括Microsoft Message Queuing 安全漏洞(CNNVD-202307-933、CVE-2023-32057)、Microsoft Office 安全漏洞(CNNVD-202307-826、CVE-2023-33150)等多个漏洞。成功利用上述漏洞的攻击者可以在目标系统上执行任意代码、获取用户数据,提升权限等。微软多个产品和系统受漏洞影响。目前,微软官方已经发布了漏洞修复补丁,建议用户及时确认是否受到漏洞影响,尽快采取修补措施。
一、 漏洞介绍
2023年7月11日,微软发布了2023年7月份安全更新,共139个漏洞的补丁程序,CNNVD对这些漏洞进行了收录。本次更新主要涵盖了Microsoft Windows 和 Windows 组件、Microsoft Windows App Store、Microsoft Windows PGM、Microsoft Windows DNS、Microsoft Windows Kernel、Microsoft Office等。CNNVD对其危害等级进行了评价,其中超危漏洞5个,高危漏洞82个,中危漏洞51个,低危漏洞1个。微软多个产品和系统版本受漏洞影响,具体影响范围可访问微软官方网站查询:
https://portal.msrc.microsoft.com/zh-cn/security-guidance
二、漏洞详情
此次更新共包括130个新增漏洞的补丁程序,其中超危漏洞5个,高危漏洞74个,中危漏洞50个,低危漏洞1个。
|
序号 |
漏洞名称 |
CNNVD编号 |
CVE编号 |
危害等级 |
官方链接 |
|
1 |
Microsoft Message Queuing 安全漏洞 |
CNNVD-202307-933 |
CVE-2023-32057 |
超危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32057 |
|
2 |
Microsoft Office 安全漏洞 |
CNNVD-202307-826 |
CVE-2023-33150 |
超危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33150 |
|
3 |
Microsoft Windows Routing and Remote Access Service (RRAS) 安全漏洞 |
CNNVD-202307-815 |
CVE-2023-35365 |
超危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35365 |
|
4 |
Microsoft Windows Routing and Remote Access Service (RRAS) 安全漏洞 |
CNNVD-202307-814 |
CVE-2023-35366 |
超危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35366 |
|
5 |
Microsoft Windows Routing and Remote Access Service (RRAS) 安全漏洞 |
CNNVD-202307-810 |
CVE-2023-35367 |
超危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35367 |
|
6 |
Microsoft Windows Netlogon 安全漏洞 |
CNNVD-202307-920 |
CVE-2023-21526 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21526 |
|
7 |
Microsoft Win32k 安全漏洞 |
CNNVD-202307-821 |
CVE-2023-21756 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21756 |
|
8 |
Microsoft Windows Admin Center 安全漏洞 |
CNNVD-202307-922 |
CVE-2023-29347 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29347 |
|
9 |
Microsoft ODBC Driver 安全漏洞 |
CNNVD-202307-858 |
CVE-2023-32038 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32038 |
|
10 |
Microsoft Message Queuing 安全漏洞 |
CNNVD-202307-871 |
CVE-2023-32044 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32044 |
|
11 |
Microsoft Message Queuing 安全漏洞 |
CNNVD-202307-872 |
CVE-2023-32045 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32045 |
|
12 |
Microsoft Windows MSHTML Platform 安全漏洞 |
CNNVD-202307-874 |
CVE-2023-32046 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32046 |
|
13 |
Paint 3D 安全漏洞 |
CNNVD-202307-876 |
CVE-2023-32047 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32047 |
|
14 |
Microsoft Windows SmartScreen 安全漏洞 |
CNNVD-202307-880 |
CVE-2023-32049 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32049 |
|
15 |
Microsoft Windows Installer 安全漏洞 |
CNNVD-202307-884 |
CVE-2023-32050 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32050 |
|
16 |
Microsoft Raw Image Extension 安全漏洞 |
CNNVD-202307-886 |
CVE-2023-32051 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32051 |
|
17 |
Microsoft Windows Installer 安全漏洞 |
CNNVD-202307-929 |
CVE-2023-32053 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32053 |
|
18 |
Microsoft Windows Volume Shadow Copy 安全漏洞 |
CNNVD-202307-932 |
CVE-2023-32054 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32054 |
|
19 |
Microsoft Windows Server Update Service 安全漏洞 |
CNNVD-202307-934 |
CVE-2023-32056 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32056 |
|
20 |
Microsoft HTTP.sys 安全漏洞 |
CNNVD-202307-939 |
CVE-2023-32084 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32084 |
|
21 |
Microsoft Visual Studio和Microsoft .NET 安全漏洞 |
CNNVD-202307-943 |
CVE-2023-33127 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33127 |
|
22 |
Microsoft SharePoint 安全漏洞 |
CNNVD-202307-942 |
CVE-2023-33134 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33134 |
|
23 |
Microsoft Office 安全漏洞 |
CNNVD-202307-822 |
CVE-2023-33148 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33148 |
|
24 |
Microsoft Office 安全漏洞 |
CNNVD-202307-824 |
CVE-2023-33149 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33149 |
|
25 |
Microsoft ActiveX 安全漏洞 |
CNNVD-202307-830 |
CVE-2023-33152 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33152 |
|
26 |
Microsoft Windows Partition Management Driver 安全漏洞 |
CNNVD-202307-945 |
CVE-2023-33154 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33154 |
|
27 |
Microsoft Windows Cloud Files Mini Filter Driver 安全漏洞 |
CNNVD-202307-946 |
CVE-2023-33155 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33155 |
|
28 |
Microsoft SharePoint 安全漏洞 |
CNNVD-202307-941 |
CVE-2023-33157 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33157 |
|
29 |
Microsoft Excel 安全漏洞 |
CNNVD-202307-937 |
CVE-2023-33158 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33158 |
|
30 |
Microsoft SharePoint 安全漏洞 |
CNNVD-202307-935 |
CVE-2023-33159 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33159 |
|
31 |
Microsoft SharePoint 安全漏洞 |
CNNVD-202307-931 |
CVE-2023-33160 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33160 |
|
32 |
Microsoft Excel 安全漏洞 |
CNNVD-202307-926 |
CVE-2023-33161 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33161 |
|
33 |
Microsoft Windows Network Load Balancing 安全漏洞 |
CNNVD-202307-923 |
CVE-2023-33163 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33163 |
|
34 |
Microsoft ASP.NET 和 Visual Studio 安全漏洞 |
CNNVD-202307-919 |
CVE-2023-33170 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170 |
|
35 |
Microsoft Dynamics 365 安全漏洞 |
CNNVD-202307-917 |
CVE-2023-33171 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33171 |
|
36 |
Microsoft Windows PGM 安全漏洞 |
CNNVD-202307-911 |
CVE-2023-35297 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35297 |
|
37 |
Microsoft HTTP.sys 安全漏洞 |
CNNVD-202307-910 |
CVE-2023-35298 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35298 |
|
38 |
Microsoft Windows Common Log File System Driver 安全漏洞 |
CNNVD-202307-909 |
CVE-2023-35299 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35299 |
|
39 |
Microsoft Windows Remote Procedure Call Runtime 安全漏洞 |
CNNVD-202307-908 |
CVE-2023-35300 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35300 |
|
40 |
Microsoft PostScript Printer Driver 安全漏洞 |
CNNVD-202307-907 |
CVE-2023-35302 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35302 |
|
41 |
Microsoft USB Audio Class System Driver 安全漏洞 |
CNNVD-202307-906 |
CVE-2023-35303 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35303 |
|
42 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202307-905 |
CVE-2023-35304 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35304 |
|
43 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202307-902 |
CVE-2023-35305 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35305 |
|
44 |
Microsoft Message Queuing 安全漏洞 |
CNNVD-202307-901 |
CVE-2023-35309 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35309 |
|
45 |
Microsoft Outlook 安全漏洞 |
CNNVD-202307-899 |
CVE-2023-35311 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35311 |
|
46 |
Microsoft Windows VOLSNAP.SYS 安全漏洞 |
CNNVD-202307-898 |
CVE-2023-35312 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35312 |
|
47 |
Microsoft Windows Online Certificate Status Protocol (OCSP) SnapIn 安全漏洞 |
CNNVD-202307-888 |
CVE-2023-35313 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35313 |
|
48 |
Microsoft Windows Layer-2 Bridge Network Driver 安全漏洞 |
CNNVD-202307-893 |
CVE-2023-35315 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35315 |
|
49 |
Microsoft Windows Server Update Service 安全漏洞 |
CNNVD-202307-897 |
CVE-2023-35317 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35317 |
|
50 |
Microsoft Windows Connected User Experiences and Telemetry 安全漏洞 |
CNNVD-202307-892 |
CVE-2023-35320 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35320 |
|
51 |
Microsoft Windows Deployment Services 安全漏洞 |
CNNVD-202307-887 |
CVE-2023-35322 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35322 |
|
52 |
Microsoft Windows OLE 安全漏洞 |
CNNVD-202307-885 |
CVE-2023-35323 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35323 |
|
53 |
Microsoft Windows Print Spooler Components 安全漏洞 |
CNNVD-202307-879 |
CVE-2023-35325 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35325 |
|
54 |
Microsoft Windows Transaction Manager 安全漏洞 |
CNNVD-202307-875 |
CVE-2023-35328 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35328 |
|
55 |
Microsoft SPNEGO Extended Negotiation 安全漏洞 |
CNNVD-202307-870 |
CVE-2023-35330 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35330 |
|
56 |
Microsoft Media-Wiki Extensions 安全漏洞 |
CNNVD-202307-865 |
CVE-2023-35333 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35333 |
|
57 |
Microsoft Dynamics 365 安全漏洞 |
CNNVD-202307-864 |
CVE-2023-35335 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35335 |
|
58 |
Microsoft Windows Win32K 安全漏洞 |
CNNVD-202307-859 |
CVE-2023-35337 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35337 |
|
59 |
Microsoft Windows Peer Name Resolution Protocol 安全漏洞 |
CNNVD-202307-857 |
CVE-2023-35338 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35338 |
|
60 |
Microsoft Windows CryptoAPI 安全漏洞 |
CNNVD-202307-855 |
CVE-2023-35339 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35339 |
|
61 |
Microsoft Windows CNG Key Isolation Service 安全漏洞 |
CNNVD-202307-852 |
CVE-2023-35340 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35340 |
|
62 |
Microsoft Windows Image Acquisition 安全漏洞 |
CNNVD-202307-849 |
CVE-2023-35342 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35342 |
|
63 |
Microsoft Windows Geolocation Service 安全漏洞 |
CNNVD-202307-846 |
CVE-2023-35343 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35343 |
|
64 |
Microsoft Windows App Store 安全漏洞 |
CNNVD-202307-839 |
CVE-2023-35347 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35347 |
|
65 |
Microsoft Azure Active Directory Connect 安全漏洞 |
CNNVD-202307-838 |
CVE-2023-35348 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35348 |
|
66 |
Microsoft Windows Active Directory 安全漏洞 |
CNNVD-202307-835 |
CVE-2023-35350 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35350 |
|
67 |
Microsoft Windows Remote Desktop 安全漏洞 |
CNNVD-202307-831 |
CVE-2023-35352 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35352 |
|
68 |
Microsoft Windows Connected User Experiences and Telemetry 安全漏洞 |
CNNVD-202307-829 |
CVE-2023-35353 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35353 |
|
69 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202307-827 |
CVE-2023-35356 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35356 |
|
70 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202307-825 |
CVE-2023-35357 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35357 |
|
71 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202307-823 |
CVE-2023-35358 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35358 |
|
72 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202307-820 |
CVE-2023-35360 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35360 |
|
73 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202307-819 |
CVE-2023-35361 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35361 |
|
74 |
Microsoft Windows Clip Service 安全漏洞 |
CNNVD-202307-818 |
CVE-2023-35362 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35362 |
|
75 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202307-817 |
CVE-2023-35363 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35363 |
|
76 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202307-816 |
CVE-2023-35364 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35364 |
|
77 |
Microsoft Paint 3D 安全漏洞 |
CNNVD-202307-811 |
CVE-2023-35374 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35374 |
|
78 |
Microsoft Visual Studio Code 安全漏洞 |
CNNVD-202307-806 |
CVE-2023-36867 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36867 |
|
79 |
Microsoft Windows Error Reporting 安全漏洞 |
CNNVD-202307-800 |
CVE-2023-36874 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36874 |
|
80 |
Microsoft Windows Cluster Server 安全漏洞 |
CNNVD-202307-850 |
CVE-2023-32033 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32033 |
|
81 |
Microsoft Windows Remote Procedure Call Runtime 安全漏洞 |
CNNVD-202307-854 |
CVE-2023-32034 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32034 |
|
82 |
Microsoft Windows Remote Procedure Call Runtime 安全漏洞 |
CNNVD-202307-853 |
CVE-2023-32035 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32035 |
|
83 |
Microsoft Windows Layer-2 Bridge Network Driver 安全漏洞 |
CNNVD-202307-856 |
CVE-2023-32037 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32037 |
|
84 |
Microsoft PostScript Printer Driver 安全漏洞 |
CNNVD-202307-860 |
CVE-2023-32039 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32039 |
|
85 |
Microsoft PostScript Printer Driver 安全漏洞 |
CNNVD-202307-861 |
CVE-2023-32040 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32040 |
|
86 |
Microsoft Windows Update Orchestrator Service 安全漏洞 |
CNNVD-202307-863 |
CVE-2023-32041 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32041 |
|
87 |
Microsoft Windows OLE 安全漏洞 |
CNNVD-202307-866 |
CVE-2023-32042 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32042 |
|
88 |
Microsoft Windows Remote Desktop 安全漏洞 |
CNNVD-202307-868 |
CVE-2023-32043 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32043 |
|
89 |
Microsoft Power Apps 安全漏洞 |
CNNVD-202307-925 |
CVE-2023-32052 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32052 |
|
90 |
Microsoft Windows Active Template Library 安全漏洞 |
CNNVD-202307-928 |
CVE-2023-32055 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32055 |
|
91 |
Microsoft Windows Failover Cluster 安全漏洞 |
CNNVD-202307-936 |
CVE-2023-32083 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32083 |
|
92 |
Microsoft PostScript Printer Driver 安全漏洞 |
CNNVD-202307-940 |
CVE-2023-32085 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32085 |
|
93 |
Microsoft Outlook 安全漏洞 |
CNNVD-202307-828 |
CVE-2023-33151 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33151 |
|
94 |
Microsoft Outlook 安全漏洞 |
CNNVD-202307-832 |
CVE-2023-33153 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33153 |
|
95 |
Microsoft Defender 安全漏洞 |
CNNVD-202307-944 |
CVE-2023-33156 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33156 |
|
96 |
Microsoft Excel 安全漏洞 |
CNNVD-202307-927 |
CVE-2023-33162 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33162 |
|
97 |
Microsoft Windows Remote Procedure Call 安全漏洞 |
CNNVD-202307-921 |
CVE-2023-33164 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33164 |
|
98 |
Microsoft SharePoint 安全漏洞 |
CNNVD-202307-834 |
CVE-2023-33165 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33165 |
|
99 |
Microsoft Windows Remote Procedure Call Runtime 安全漏洞 |
CNNVD-202307-836 |
CVE-2023-33166 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33166 |
|
100 |
Microsoft Windows Remote Procedure Call Runtime 安全漏洞 |
CNNVD-202307-837 |
CVE-2023-33167 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33167 |
|
101 |
Microsoft Windows Remote Procedure Call Runtime 安全漏洞 |
CNNVD-202307-840 |
CVE-2023-33168 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33168 |
|
102 |
Microsoft Windows Remote Procedure Call Runtime 安全漏洞 |
CNNVD-202307-843 |
CVE-2023-33169 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33169 |
|
103 |
Microsoft Windows Remote Procedure Call Runtime 安全漏洞 |
CNNVD-202307-844 |
CVE-2023-33172 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33172 |
|
104 |
Microsoft Windows Remote Procedure Call Runtime 安全漏洞 |
CNNVD-202307-847 |
CVE-2023-33173 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33173 |
|
105 |
Microsoft Windows Cryptographic Services 安全漏洞 |
CNNVD-202307-848 |
CVE-2023-33174 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33174 |
|
106 |
Microsoft PostScript Printer Driver 安全漏洞 |
CNNVD-202307-912 |
CVE-2023-35296 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35296 |
|
107 |
Microsoft PostScript Printer Driver 安全漏洞 |
CNNVD-202307-903 |
CVE-2023-35306 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35306 |
|
108 |
Microsoft Windows MSHTML Platform 安全漏洞 |
CNNVD-202307-904 |
CVE-2023-35308 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35308 |
|
109 |
Microsoft Windows DNS 安全漏洞 |
CNNVD-202307-900 |
CVE-2023-35310 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35310 |
|
110 |
Microsoft Windows Remote Procedure Call Runtime 安全漏洞 |
CNNVD-202307-891 |
CVE-2023-35314 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35314 |
|
111 |
Microsoft Windows Remote Procedure Call Runtime 安全漏洞 |
CNNVD-202307-895 |
CVE-2023-35316 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35316 |
|
112 |
Microsoft Windows Remote Procedure Call Runtime 安全漏洞 |
CNNVD-202307-896 |
CVE-2023-35318 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35318 |
|
113 |
Microsoft Windows Remote Procedure Call Runtime 安全漏洞 |
CNNVD-202307-894 |
CVE-2023-35319 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35319 |
|
114 |
Microsoft Windows Deployment Services 安全漏洞 |
CNNVD-202307-890 |
CVE-2023-35321 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35321 |
|
115 |
Microsoft PostScript Printer Driver 安全漏洞 |
CNNVD-202307-882 |
CVE-2023-35324 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35324 |
|
116 |
Microsoft Windows CDP User Components 安全漏洞 |
CNNVD-202307-878 |
CVE-2023-35326 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35326 |
|
117 |
Microsoft Windows Authentication Methods 安全漏洞 |
CNNVD-202307-873 |
CVE-2023-35329 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35329 |
|
118 |
Microsoft Windows Local Security Authority (LSA) 安全漏洞 |
CNNVD-202307-869 |
CVE-2023-35331 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35331 |
|
119 |
Microsoft Windows Remote Desktop Protocol 安全漏洞 |
CNNVD-202307-867 |
CVE-2023-35332 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35332 |
|
120 |
Microsoft Windows MSHTML Platform 安全漏洞 |
CNNVD-202307-862 |
CVE-2023-35336 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35336 |
|
121 |
Microsoft Windows Media Foundation 安全漏洞 |
CNNVD-202307-851 |
CVE-2023-35341 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35341 |
|
122 |
Microsoft Windows DNS 安全漏洞 |
CNNVD-202307-845 |
CVE-2023-35344 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35344 |
|
123 |
Microsoft Windows DNS 安全漏洞 |
CNNVD-202307-842 |
CVE-2023-35345 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35345 |
|
124 |
Microsoft Windows DNS 安全漏洞 |
CNNVD-202307-841 |
CVE-2023-35346 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35346 |
|
125 |
Microsoft Windows Active Directory 安全漏洞 |
CNNVD-202307-833 |
CVE-2023-35351 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35351 |
|
126 |
Microsoft Windows Authenticode 安全漏洞 |
CNNVD-202307-809 |
CVE-2023-35373 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35373 |
|
127 |
Microsoft Service Fabric 安全漏洞 |
CNNVD-202307-805 |
CVE-2023-36868 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36868 |
|
128 |
Microsoft Azure Active Directory Connect 安全漏洞 |
CNNVD-202307-803 |
CVE-2023-36871 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36871 |
|
129 |
Microsoft Windows Codecs Library 安全漏洞 |
CNNVD-202307-802 |
CVE-2023-36872 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36872 |
|
130 |
Microsoft Office 安全漏洞 |
CNNVD-202307-797 |
CVE-2023-36884 |
低危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36884 |
此次更新共包括9个更新漏洞的补丁程序,其中高危漏洞8个,中危漏洞1个。
|
序号 |
漏洞名称 |
CNNVD编号 |
CVE编号 |
危害等级 |
官方链接 |
|
1 |
Microsoft Windows Kerberos 安全漏洞 |
CNNVD-202211-2288 |
CVE-2022-37967 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967 |
|
2 |
Microsoft Windows Netlogon 安全漏洞 |
CNNVD-202211-2274 |
CVE-2022-38023 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023 |
|
3 |
Microsoft ODBC Driver 安全漏洞 |
CNNVD-202306-1261 |
CVE-2023-29349 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29349 |
|
4 |
Microsoft ODBC Driver 安全漏洞 |
CNNVD-202306-1252 |
CVE-2023-29356 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29356 |
|
5 |
Microsoft ODBC Driver 安全漏洞 |
CNNVD-202306-1254 |
CVE-2023-32025 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32025 |
|
6 |
Microsoft ODBC Driver 安全漏洞 |
CNNVD-202306-1256 |
CVE-2023-32026 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32026 |
|
7 |
Microsoft ODBC Driver 安全漏洞 |
CNNVD-202306-1258 |
CVE-2023-32027 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32027 |
|
8 |
Microsoft OLE Automation Remote code 安全漏洞 |
CNNVD-202306-1260 |
CVE-2023-32028 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32028 |
|
9 |
Microsoft Windows Secure Boot 安全漏洞 |
CNNVD-202305-767 |
CVE-2023-24932 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932 |
三、修复建议
目前,微软官方已经发布补丁修复了上述漏洞,建议用户及时确认漏洞影响,尽快采取修补措施。微软官方补丁下载地址:
https://msrc.microsoft.com/update-guide/en-us
CNNVD将继续跟踪上述漏洞的相关情况,及时发布相关信息。如有需要,可与CNNVD联系。
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论