微软于周二发布了1月安全更新补丁,修复了51个从简单的欺骗攻击到远程执行代码的安全问题。

产品涉及.NET Framework、Adobe Flash Player、Android App、ASP.NET、Internet Explorer、Microsoft Edge、Microsoft Exchange Server、Microsoft JET Database Engine、Microsoft Office、Microsoft Office SharePoint、Microsoft Scripting Engine、Microsoft Windows、Microsoft XML、Servicing Stack Updates、Visual Studio、Windows COM、Windows DHCP Client、Windows Hyper-V、Windows Kernel以及Windows Subsystem for Linux。

漏洞简介

相关信息如下:

产品

CVE 编号

CVE 标题

严重程度

.NET Framework

CVE-2019-0545

.NET Framework 信息泄露漏洞

Important

Adobe Flash Player

ADV190001

January 2019 Adobe Flash Update

Unknown

Android App

CVE-2019-0622

Skype for Android 特权提升漏洞

Moderate

ASP.NET

CVE-2019-0548

ASP.NET Core 拒绝服务漏洞

Important

ASP.NET

CVE-2019-0564

ASP.NET Core 拒绝服务漏洞

Important

Internet Explorer

CVE-2019-0541

MSHTML Engine 远程代码执行漏洞

Important

Microsoft Edge

CVE-2019-0565

Microsoft Edge 内存破坏漏洞

Critical

Microsoft Edge

CVE-2019-0566

Microsoft Edge 特权提升漏洞

Important

Microsoft Exchange Server

CVE-2019-0586

Microsoft Exchange 内存破坏漏洞

Important

Microsoft Exchange Server

CVE-2019-0588

Microsoft Exchange 信息泄露漏洞

Important

Microsoft JET Database Engine

CVE-2019-0538

Jet Database Engine 远程代码执行漏洞

Important

Microsoft JET Database Engine

CVE-2019-0575

Jet Database Engine 远程代码执行漏洞

Important

Microsoft JET Database Engine

CVE-2019-0576

Jet Database Engine 远程代码执行漏洞

Important

Microsoft JET Database Engine

CVE-2019-0577

Jet Database Engine 远程代码执行漏洞

Important

Microsoft JET Database Engine

CVE-2019-0578

Jet Database Engine 远程代码执行漏洞

Important

Microsoft JET Database Engine

CVE-2019-0579

Jet Database Engine 远程代码执行漏洞

Important

Microsoft JET Database Engine

CVE-2019-0580

Jet Database Engine 远程代码执行漏洞

Important

Microsoft JET Database Engine

CVE-2019-0581

Jet Database Engine 远程代码执行漏洞

Important

Microsoft JET Database Engine

CVE-2019-0582

Jet Database Engine 远程代码执行漏洞

Important

Microsoft JET Database Engine

CVE-2019-0583

Jet Database Engine 远程代码执行漏洞

Important

Microsoft JET Database Engine

CVE-2019-0584

Jet Database Engine 远程代码执行漏洞

Important

Microsoft Office

CVE-2019-0585

Microsoft Word 远程代码执行漏洞

Important

Microsoft Office

CVE-2019-0559

Microsoft Outlook 信息泄露漏洞

Important

Microsoft Office

CVE-2019-0560

Microsoft Office 信息泄露漏洞

Important

Microsoft Office

CVE-2019-0561

Microsoft Word 信息泄露漏洞

Important

Microsoft Office SharePoint

CVE-2019-0556

Microsoft Office SharePoint XSS Vulnerability

Important

Microsoft Office SharePoint

CVE-2019-0557

Microsoft Office SharePoint XSS Vulnerability

Important

Microsoft Office SharePoint

CVE-2019-0558

Microsoft Office SharePoint XSS Vulnerability

Important

Microsoft Office SharePoint

CVE-2019-0562

Microsoft SharePoint 特权提升漏洞

Important

Microsoft Scripting Engine

CVE-2019-0539

Chakra Scripting Engine 内存破坏漏洞

Critical

Microsoft Scripting Engine

CVE-2019-0567

Chakra Scripting Engine 内存破坏漏洞

Critical

Microsoft Scripting Engine

CVE-2019-0568

Chakra Scripting Engine 内存破坏漏洞

Critical

Microsoft Windows

CVE-2019-0543

Microsoft Windows 特权提升漏洞

Important

Microsoft Windows

CVE-2019-0570

Windows Runtime 特权提升漏洞

Important

Microsoft Windows

CVE-2019-0571

Windows Data Sharing Service 特权提升漏洞

Important

Microsoft Windows

CVE-2019-0572

Windows Data Sharing Service 特权提升漏洞

Important

Microsoft Windows

CVE-2019-0573

Windows Data Sharing Service 特权提升漏洞

Important

Microsoft Windows

CVE-2019-0574

Windows Data Sharing Service 特权提升漏洞

Important

Microsoft XML

CVE-2019-0555

Microsoft XmlDocument 特权提升漏洞

Important

Servicing Stack Updates

ADV990001

Latest Servicing Stack Updates

Critical

Visual Studio

CVE-2019-0537

Microsoft Visual Studio 信息泄露漏洞

Important

Visual Studio

CVE-2019-0546

Visual Studio 远程代码执行漏洞

Moderate

Windows COM

CVE-2019-0552

Windows COM 特权提升漏洞

Important

Windows DHCP Client

CVE-2019-0547

Windows DHCP Client 远程代码执行漏洞

Critical

Windows Hyper-V

CVE-2019-0550

Windows Hyper-V 远程代码执行漏洞

Critical

Windows Hyper-V

CVE-2019-0551

Windows Hyper-V 远程代码执行漏洞

Critical

Windows Kernel

CVE-2019-0536

Windows Kernel 信息泄露漏洞

Important

Windows Kernel

CVE-2019-0549

Windows Kernel 信息泄露漏洞

Important

Windows Kernel

CVE-2019-0554

Windows Kernel 信息泄露漏洞

Important

Windows Kernel

CVE-2019-0569

Windows Kernel 信息泄露漏洞

Important

Windows Subsystem for Linux

CVE-2019-0553

Windows Subsystem for Linux 信息泄露漏洞

Important

 

修复建议

微软官方已经发布更新补丁,请及时进行补丁更新。

附录

 

源链接

Hacking more

...