近日,微软官方发布了多个安全漏洞的公告,其中微软产品本身漏洞74个,影响到微软产品的其他厂商漏洞1个。包括Microsoft Exchange Server 安全漏洞(CNNVD-202308-737、CVE-2023-21709)、Microsoft Message Queuing 安全漏洞(CNNVD-202308-734、CVE-2023-35385)等多个漏洞。成功利用上述漏洞的攻击者可以在目标系统上执行任意代码、获取用户数据,提升权限等。微软多个产品和系统受漏洞影响。目前,微软官方已经发布了漏洞修复补丁,建议用户及时确认是否受到漏洞影响,尽快采取修补措施。
2023年8月8日,微软发布了2023年8月份安全更新,共75个漏洞的补丁程序,CNNVD对这些漏洞进行了收录。本次更新主要涵盖了Microsoft Windows 和 Windows 组件、Microsoft Dynamics 365、Microsoft Windows Mobile Device Management、Microsoft Windows HTML Platform、Microsoft Windows Cryptographic Services、Microsoft Azure等。CNNVD对其危害等级进行了评价,其中超危漏洞4个,高危漏洞48个,中危漏洞23个。微软多个产品和系统版本受漏洞影响,具体影响范围可访问微软官方网站查询:
序号
| 漏洞名称
| CNNVD编号
| CVE编号
| 危害等级
| 官方链接
|
1
| Microsoft Exchange Server 安全漏洞
| CNNVD-202308-737
| CVE-2023-21709
| 超危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21709
|
2
| Microsoft Message Queuing 安全漏洞
| CNNVD-202308-734
| CVE-2023-35385
| 超危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35385
|
3
| Microsoft Message Queuing 安全漏洞
| CNNVD-202308-693
| CVE-2023-36910
| 超危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36910
|
4
| Microsoft Message Queuing 安全漏洞
| CNNVD-202308-691
| CVE-2023-36911
| 超危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36911
|
5
| Microsoft Teams 安全漏洞
| CNNVD-202308-678
| CVE-2023-29328
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29328
|
6
| Microsoft Teams 安全漏洞
| CNNVD-202308-679
| CVE-2023-29330
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29330
|
7
| Microsoft Windows Kernel 安全漏洞
| CNNVD-202308-682
| CVE-2023-35359
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35359
|
8
| Microsoft Exchange Server 安全漏洞
| CNNVD-202308-683
| CVE-2023-35368
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35368
|
9
| Microsoft Office 安全漏洞
| CNNVD-202308-744
| CVE-2023-35371
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35371
|
10
| Microsoft Office Visio 安全漏洞
| CNNVD-202308-747
| CVE-2023-35372
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35372
|
11
| Microsoft Projected File System 安全漏洞
| CNNVD-202308-719
| CVE-2023-35378
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35378
|
12
| Microsoft Windows 安全漏洞
| CNNVD-202308-718
| CVE-2023-35379
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35379
|
13
| Microsoft Windows Kernel 安全漏洞
| CNNVD-202308-720
| CVE-2023-35380
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35380
|
14
| Microsoft Windows Fax Service 安全漏洞
| CNNVD-202308-721
| CVE-2023-35381
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35381
|
15
| Microsoft Windows Kernel 安全漏洞
| CNNVD-202308-722
| CVE-2023-35382
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35382
|
16
| Microsoft Message Queuing 安全漏洞
| CNNVD-202308-724
| CVE-2023-35383
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35383
|
17
| Microsoft Windows Kernel 安全漏洞
| CNNVD-202308-739
| CVE-2023-35386
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35386
|
18
| Microsoft Windows Bluetooth A2DP driver 安全漏洞
| CNNVD-202308-743
| CVE-2023-35387
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35387
|
19
| Microsoft Exchange Server 安全漏洞
| CNNVD-202308-750
| CVE-2023-35388
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35388
|
20
| Microsoft .NET和Visual Studio 安全漏洞
| CNNVD-202308-749
| CVE-2023-35390
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35390
|
21
| Microsoft ASP.NET Core和Visual Studio 安全漏洞
| CNNVD-202308-660
| CVE-2023-35391
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35391
|
22
| Microsoft Office Visio 安全漏洞
| CNNVD-202308-685
| CVE-2023-36865
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36865
|
23
| Microsoft Office Visio 安全漏洞
| CNNVD-202308-687
| CVE-2023-36866
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36866
|
24
| Microsoft .NET Framework 安全漏洞
| CNNVD-202308-659
| CVE-2023-36873
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36873
|
25
| Microsoft Reliability Analysis Metrics Calculation Engine 安全漏洞
| CNNVD-202308-692
| CVE-2023-36876
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36876
|
26
| Microsoft OLE DB Provider for SQL Server 安全漏洞
| CNNVD-202308-694
| CVE-2023-36882
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36882
|
27
| Microsoft SharePoint 安全漏洞
| CNNVD-202308-710
| CVE-2023-36891
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36891
|
28
| Microsoft SharePoint 安全漏洞
| CNNVD-202308-714
| CVE-2023-36892
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36892
|
29
| Microsoft Outlook 安全漏洞
| CNNVD-202308-713
| CVE-2023-36895
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36895
|
30
| Microsoft Excel 安全漏洞
| CNNVD-202308-707
| CVE-2023-36896
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36896
|
31
| Microsoft Visual Studio 安全漏洞
| CNNVD-202308-706
| CVE-2023-36897
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36897
|
32
| Microsoft Tablet Windows User Interface 安全漏洞
| CNNVD-202308-702
| CVE-2023-36898
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36898
|
33
| Microsoft ASP.NET Core 安全漏洞
| CNNVD-202308-658
| CVE-2023-36899
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36899
|
34
| Microsoft Windows Common Log File System Driver 安全漏洞
| CNNVD-202308-705
| CVE-2023-36900
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36900
|
35
| Microsoft Windows System Assessment Tool 安全漏洞
| CNNVD-202308-703
| CVE-2023-36903
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36903
|
36
| Microsoft Windows Cloud Files Mini Filter Driver 安全漏洞
| CNNVD-202308-704
| CVE-2023-36904
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36904
|
37
| Microsoft Message Queuing 安全漏洞
| CNNVD-202308-690
| CVE-2023-36912
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36912
|
38
| Microsoft Windows Kernel 安全漏洞
| CNNVD-202308-684
| CVE-2023-38154
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38154
|
39
| Microsoft Dynamics Business Central 安全漏洞
| CNNVD-202308-681
| CVE-2023-38167
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38167
|
40
| Microsoft OLE DB Provider for SQL Server 安全漏洞
| CNNVD-202308-701
| CVE-2023-38169
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38169
|
41
| Microsoft HEVC Video Extensions 安全漏洞
| CNNVD-202308-676
| CVE-2023-38170
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38170
|
42
| Microsoft Message Queuing 安全漏洞
| CNNVD-202308-677
| CVE-2023-38172
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38172
|
43
| Microsoft Windows Defender 安全漏洞
| CNNVD-202308-675
| CVE-2023-38175
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38175
|
44
| Microsoft Azure Arc 安全漏洞
| CNNVD-202308-674
| CVE-2023-38176
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38176
|
45
| Microsoft .NET Core和Visual Studio 安全漏洞
| CNNVD-202308-673
| CVE-2023-38178
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38178
|
46
| Microsoft .NET和Visual Studio 安全漏洞
| CNNVD-202308-657
| CVE-2023-38180
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38180
|
47
| Microsoft Exchange Server 安全漏洞
| CNNVD-202308-672
| CVE-2023-38181
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38181
|
48
| Microsoft Exchange Server 安全漏洞
| CNNVD-202308-671
| CVE-2023-38182
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38182
|
49
| Microsoft Lightweight Directory Access Protocol 安全漏洞
| CNNVD-202308-670
| CVE-2023-38184
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38184
|
50
| Microsoft Exchange Server 安全漏洞
| CNNVD-202308-669
| CVE-2023-38185
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38185
|
51
| Microsoft Windows Mobile Device Management 安全漏洞
| CNNVD-202308-668
| CVE-2023-38186
| 高危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38186
|
52
| Microsoft Message Queuing 安全漏洞
| CNNVD-202308-711
| CVE-2023-35376
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35376
|
53
| Microsoft Message Queuing 安全漏洞
| CNNVD-202308-716
| CVE-2023-35377
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35377
|
54
| Microsoft Windows HTML Platform 安全漏洞
| CNNVD-202308-725
| CVE-2023-35384
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35384
|
55
| Microsoft Dynamics 365 安全漏洞
| CNNVD-202308-746
| CVE-2023-35389
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35389
|
56
| Microsoft Azure 安全漏洞
| CNNVD-202308-748
| CVE-2023-35393
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35393
|
57
| Microsoft Azure 安全漏洞
| CNNVD-202308-745
| CVE-2023-35394
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35394
|
58
| Microsoft Azure DevOps Server 安全漏洞
| CNNVD-202308-689
| CVE-2023-36869
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36869
|
59
| Microsoft Azure 安全漏洞
| CNNVD-202308-717
| CVE-2023-36877
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36877
|
60
| Microsoft Azure 安全漏洞
| CNNVD-202308-715
| CVE-2023-36881
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36881
|
61
| Microsoft Windows Group Policy 安全漏洞
| CNNVD-202308-697
| CVE-2023-36889
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36889
|
62
| Microsoft SharePoint 安全漏洞
| CNNVD-202308-712
| CVE-2023-36890
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36890
|
63
| Microsoft Outlook 安全漏洞
| CNNVD-202308-709
| CVE-2023-36893
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36893
|
64
| Microsoft SharePoint 安全漏洞
| CNNVD-202308-708
| CVE-2023-36894
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36894
|
65
| Microsoft Windows Wireless Networking 安全漏洞
| CNNVD-202308-700
| CVE-2023-36905
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36905
|
66
| Microsoft Windows Cryptographic Services 安全漏洞
| CNNVD-202308-699
| CVE-2023-36906
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36906
|
67
| Microsoft Windows Cryptographic Services 安全漏洞
| CNNVD-202308-698
| CVE-2023-36907
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36907
|
68
| Microsoft Hyper-V 安全漏洞
| CNNVD-202308-696
| CVE-2023-36908
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36908
|
69
| Microsoft Message Queuing 安全漏洞
| CNNVD-202308-695
| CVE-2023-36909
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36909
|
70
| Microsoft Message Queuing 安全漏洞
| CNNVD-202308-688
| CVE-2023-36913
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36913
|
71
| Microsoft Windows Windows Smart Card Resource Management Server 安全漏洞
| CNNVD-202308-686
| CVE-2023-36914
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36914
|
72
| Microsoft Azure 安全漏洞
| CNNVD-202308-667
| CVE-2023-38188
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38188
|
73
| Microsoft Message Queuing 安全漏洞
| CNNVD-202308-666
| CVE-2023-38254
| 中危
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38254
|
目前,微软官方已经发布补丁修复了上述漏洞,建议用户及时确认漏洞影响,尽快采取修补措施。微软官方补丁下载地址:https://msrc.microsoft.com/update-guide/en-us
吉公网安备 22017202000203号
