Popular Products
Latest Products
Recommended Services
Computing
Storage
Backup
Network&CDN
Security
Database
Big Data Computing
Big Data Search and Analysis
Big Data Application
Big Data Solutions
Domain Name and Website
Platform
Communications
Intelligent Management
Office Automation
Auto Service
Management & Monitoring
Middleware
IT Management & Tools
Enterprise Service Solutions
Hybrid Cloud Solutions
Big Data Solutions
AI Solutions
Security Solutions
Private Cloud Solutions
Financial Solutions
Smart City Solutions
Medical Solutions
【漏洞详情】
微软于本周发布了2020年09月安全补丁,共修复包括129个安全漏洞,其中严重级别23个,重要级别104个,覆盖Microsoft Windows, Edge、ChakraCore、Internet Explorer (IE)、SQL Server、Office and Office Services and Web Apps、Microsoft Dynamics、Visual Studio、Exchange Server、ASP.NET、Microsoft Dynamics、Visual Studio、Exchange Server、ASP.NET、OneDrive、Azure DevOps等产品,严重漏洞清单如下:
|
序号 |
CVE 编号 |
CVE 标题 |
严重程度 |
|
1 |
CVE-2020-1285 |
GDI+ Remote Code Execution Vulnerability |
Critical |
|
2 |
CVE-2020-0878 |
Microsoft Browser Memory Corruption Vulnerability |
Critical |
|
3 |
CVE-2020-0922 |
Microsoft COM for Windows Remote Code Execution Vulnerability |
Critical |
|
4 |
CVE-2020-16862 |
Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability |
Critical |
|
5 |
CVE-2020-16857 |
Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability |
Critical |
|
6 |
CVE-2020-16875 |
Microsoft Exchange Memory Corruption Vulnerability |
Critical |
|
7 |
CVE-2020-1200 |
Microsoft SharePoint Remote Code Execution Vulnerability |
Critical |
|
8 |
CVE-2020-1210 |
Microsoft SharePoint Remote Code Execution Vulnerability |
Critical |
|
9 |
CVE-2020-1452 |
Microsoft SharePoint Remote Code Execution Vulnerability |
Critical |
|
10 |
CVE-2020-1453 |
Microsoft SharePoint Remote Code Execution Vulnerability |
Critical |
|
11 |
CVE-2020-1576 |
Microsoft SharePoint Remote Code Execution Vulnerability |
Critical |
|
12 |
CVE-2020-1595 |
Microsoft SharePoint Remote Code Execution Vulnerability |
Critical |
|
13 |
CVE-2020-1460 |
Microsoft SharePoint Server Remote Code Execution Vulnerability |
Critical |
|
14 |
CVE-2020-1129 |
Microsoft Windows Codecs Library Remote Code Execution Vulnerability |
Critical |
|
15 |
CVE-2020-1319 |
Microsoft Windows Codecs Library Remote Code Execution Vulnerability |
Critical |
|
16 |
CVE-2020-1057 |
Scripting Engine Memory Corruption Vulnerability |
Critical |
|
17 |
CVE-2020-1172 |
Scripting Engine Memory Corruption Vulnerability |
Critical |
|
18 |
CVE-2020-16874 |
Visual Studio Remote Code Execution Vulnerability |
Critical |
|
19 |
CVE-2020-0997 |
Windows Camera Codec Pack Remote Code Execution Vulnerability |
Critical |
|
20 |
CVE-2020-1508 |
Windows Media Audio Decoder Remote Code Execution Vulnerability |
Critical |
|
21 |
CVE-2020-1593 |
Windows Media Audio Decoder Remote Code Execution Vulnerability |
Critical |
|
22 |
CVE-2020-1252 |
Windows Remote Code Execution Vulnerability |
Critical |
|
23 |
CVE-2020-0908 |
Windows Text Service Module Remote Code Execution Vulnerability |
Critical |
【风险评级】
高危
【影响范围】
l Windows系统及相关产品
【修复建议】
建议受影响的用户结合实际业务评估漏洞风险影响,可通过如下方案避免安全风险:
修复方法:打开 Windows Update 更新功能,点击“检查更新”按钮,依据业务需求下载安装相关安全补丁,安装完毕后重启系统,并检查系统运行情况。
【参考链接】
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Sep
特别提醒:修复漏洞前请进行充分测试,并务必做好数据备份和快照,防止出现意外。
平安云
2020年9月9日
