【漏洞情报】微软2020年10月补丁情报

Products
- Recommended
- Cloud Essential Products
- Big Data
- Enterprise Applications
- Developer Services
No results found. Please try re-entering the product name
Popular Products

Elastic Compute Service HOT

Machine Vision HOT

IoT Platform HOT

Dedicated Host

API Gateway

Data Transmission Service

Key Management Service

E-MapReduce

Application Management Service

Latest Products

Voiceprint Recognition NEW

Cloud Digital Signature Service

Resource Orchestration Service

DB Backup and Recovery Service

Database Management Service

Omni-Sinitic

Registration

Recommended Services

Documentation

Partners

Computing

Elastic Compute Service HOT

Elastic GPU Service

Dedicated Host

Auto Scaling

Bare Metal Service

Pingan Kubernetes cluster Service

Storage

Elastic Block Storage

Object Based Storage

CloudNAS

Backup

DB Backup and Recovery Service

Network&CDN

Virtual Private Cloud

Elastic Load Balancing

Internet Gateway

NAT Gateway

Express Connect

VPN Gateway

Content Distribution Network

Security

Ping An Host Security NEW

Web Scan

Web Application Firewall

Ping An Security Center (PSC)

Certificate Authority Service

Security Expert Service

Web Application Firewall ( New )

Mobile Security

Database

RDS-PostgreSQL

RDS-MySQL

Redis

Document Database Service

TiDB

Database Management Service

PingAn Database Audit Service

Data Transmission Service

Advanced Database Service

Big Data Computing

E-MapReduce

Big Data Search and Analysis

Ping An Brain

Log Service

Big Data Application

Nebula BI

Big Data Solutions

Facial Recognition

Fake ID Identification

Voiceprint-based Verification

Domain Name and Website

Domain Name Service

Domain Name Registration NEW

Platform

IoT Platform

Edge Node Service (Beta) NEW

Communications

Direct Mail

Short Message Service

PAVIDEO

Intelligent Management

AnBot

Office Automation

Electronic Voucher Platform Core

Digital Signatures Certification System

ZHI NIAO

RPA Robee

Unified Collaborative Office Platform

Auto Service

Ping An Drive

Management & Monitoring

Key Management Service

Argus

Resource Access Management

Operation System Platform

Middleware

API Gateway

Message Queue

Message Queue Kafka (Beta)

IT Management & Tools

Wizard

ServiceBot

D7 Extended Deployment Automation

LINKDO

Application Management Service

Dynamic Traffic Distribution Platform

WiseAPM

WiseAPM Mobile

WiseAPM Browser

WiseAPM DialTest

WiseAPM Database
Solutions
- Universal Solutions
- Industry Solutions
Enterprise Service Solutions

Unified Platform

Collaborative Office

Swift Website Deployment

Hybrid Cloud Solutions

Cloud Migration

Big Data Solutions

Facial Recognition

Fake ID Identification

AI Solutions

AI-Smart Home

Security Solutions

Universal Security

Financial Cloud Security

Private Cloud Solutions

Ping An Private Cloud NEW

Financial Solutions

Bank

Insurance

Investment

Internet Finance

Smart City Solutions

Smart Public Security

Smart Penitentiary

Smart Airport

Smart Port

Smart Traffic

Smart Higher Education

Smart Community

Smart Building

Smart Scenic Areas

Smart Environment Protection

Medical Solutions

Smart Medical Platform

PACS Cloud Solution for Medical Imagery

Medical Active-Standby Cloud system
Customers
Pricing
Partners
Documentation
About Us

首页
安全公告
公告详情

【漏洞情报】微软2020年10月补丁情报

【漏洞详情】

微软于本周发布了2020年10月安全补丁，共修复包括87个安全漏洞，其中Windows TCP/IP、Microsoft Outlook、Microsoft SharePoint、Microsoft Graphics Components、GDI+、Windows Hyper-V、Media Foundation、Windows Camera Codec Pack等产品中的11个漏洞被微软官方标记为紧急漏洞，严重漏洞清单如下：

序号	CVE 编号	CVE 标题	严重程度
1	CVE-2020-17003	Base3D Remote Code Execution Vulnerability	Critical
2	CVE-2020-16911	GDI+ Remote Code Execution Vulnerability	Critical
3	CVE-2020-16915	Media Foundation Memory Corruption Vulnerability	Critical
4	CVE-2020-16923	Microsoft Graphics Components Remote Code Execution Vulnerability	Critical
5	CVE-2020-16947	Microsoft Outlook Remote Code Execution Vulnerability	Critical
6	CVE-2020-16951	Microsoft SharePoint Remote Code Execution Vulnerability	Critical
7	CVE-2020-16952	Microsoft SharePoint Remote Code Execution Vulnerability	Critical
8	CVE-2020-16967	Windows Camera Codec Pack Remote Code Execution Vulnerability	Critical
9	CVE-2020-16968	Windows Camera Codec Pack Remote Code Execution Vulnerability	Critical
10	CVE-2020-16891	Windows Hyper-V Remote Code Execution Vulnerability	Critical
11	CVE-2020-16898	Windows TCP/IP Remote Code Execution Vulnerability	Critical

【风险评级】

高危

【影响范围】

l Windows系统及相关产品

【修复建议】

建议受影响的用户结合实际业务评估漏洞风险影响，可通过如下方案避免安全风险：

修复方法：打开 Windows Update 更新功能，点击“检查更新”按钮，依据业务需求下载安装相关安全补丁，安装完毕后重启系统，并检查系统运行情况。

【参考链接】

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Oct

特别提醒：修复漏洞前请进行充分测试，并务必做好数据备份和快照，防止出现意外。

平安云

2020年10月14日

上一条公告【漏洞情报】Oracle Weblogic 远程代码执行漏洞情报

下一条公告【漏洞情报】Apache Solr未授权上传漏洞情报