综述
微软于周二发布了6月安全更新补丁,修复了93个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及Adobe Flash Player、Kerberos、Microsoft Browsers、Microsoft Devices、Microsoft Edge、Microsoft Exchange Server、Microsoft Graphics Component、Microsoft JET Database Engine、Microsoft Office、Microsoft Office SharePoint、Microsoft scripting Engine、Microsoft Windows、Servicing Stack Updates、Skype for Business and Microsoft Lync、Team Foundation Server、vbscript、Windows Authentication Methods、Windows Hyper-V、Windows IIS、Windows Installer、Windows Kernel、Windows Media、Windows NTLM以及Windows Shell。
相关信息如下:
产品 |
CVE 编号 |
CVE 标题 |
严重程度 |
Adobe Flash Player |
ADV190015 |
June 2019 Adobe Flash 安全更新 |
Critical |
Kerberos |
CVE-2019-0972 |
Local Security Authority Subsystem Service 拒绝服务漏洞 |
Important |
Microsoft Browsers |
CVE-2019-1038 |
Microsoft Browser 内存破坏漏洞 |
Critical |
Microsoft Browsers |
CVE-2019-1081 |
Microsoft Browser 信息泄露漏洞 |
Important |
Microsoft Devices |
ADV190016 |
Bluetooth Low Energy Advisory |
Important |
Microsoft Devices |
ADV190017 |
Microsoft HoloLens Remote Code Execution Vulnerabilities |
Important |
Microsoft Edge |
CVE-2019-1054 |
Microsoft Edge 安全功能绕过漏洞 |
Important |
Microsoft Exchange Server |
ADV190018 |
Microsoft Exchange Server Defense in Depth Update |
Unknown |
Microsoft Graphics Component |
CVE-2019-1009 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-1010 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-1011 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-1012 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-1013 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-1015 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-1016 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-1018 |
DirectX 特权提升漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-1046 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-1047 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-1048 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-1049 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-1050 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-0960 |
Win32k 特权提升漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-0968 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-0977 |
Windows GDI 信息泄露漏洞 |
Important |
Microsoft Graphics Component |
CVE-2019-0985 |
Microsoft Speech API 远程代码执行漏洞 |
Critical |
Microsoft JET Database Engine |
CVE-2019-0904 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0905 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0906 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0907 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0908 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0909 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft JET Database Engine |
CVE-2019-0974 |
Jet Database Engine 远程代码执行漏洞 |
Important |
Microsoft Office |
CVE-2019-1034 |
Microsoft Word 远程代码执行漏洞 |
Important |
Microsoft Office |
CVE-2019-1035 |
Microsoft Word 远程代码执行漏洞 |
Important |
Microsoft Office SharePoint |
CVE-2019-1036 |
Microsoft Office SharePoint XSS Vulnerability |
Important |
Microsoft Office SharePoint |
CVE-2019-1031 |
Microsoft Office SharePoint XSS Vulnerability |
Important |
Microsoft Office SharePoint |
CVE-2019-1032 |
Microsoft Office SharePoint XSS Vulnerability |
Important |
Microsoft Office SharePoint |
CVE-2019-1033 |
Microsoft Office SharePoint XSS Vulnerability |
Important |
Microsoft scripting Engine |
CVE-2019-0988 |
scripting Engine 内存破坏漏洞 |
Critical |
Microsoft scripting Engine |
CVE-2019-0989 |
Chakra scripting Engine 内存破坏漏洞 |
Critical |
Microsoft scripting Engine |
CVE-2019-1055 |
scripting Engine 内存破坏漏洞 |
Critical |
Microsoft scripting Engine |
CVE-2019-0920 |
scripting Engine 内存破坏漏洞 |
Moderate |
Microsoft scripting Engine |
CVE-2019-0990 |
scripting Engine 信息泄露漏洞 |
Critical |
Microsoft scripting Engine |
CVE-2019-0991 |
Chakra scripting Engine 内存破坏漏洞 |
Critical |
Microsoft scripting Engine |
CVE-2019-0992 |
Chakra scripting Engine 内存破坏漏洞 |
Critical |
Microsoft scripting Engine |
CVE-2019-0993 |
Chakra scripting Engine 内存破坏漏洞 |
Critical |
Microsoft scripting Engine |
CVE-2019-1002 |
Chakra scripting Engine 内存破坏漏洞 |
Critical |
Microsoft scripting Engine |
CVE-2019-1003 |
Chakra scripting Engine 内存破坏漏洞 |
Critical |
Microsoft scripting Engine |
CVE-2019-1023 |
scripting Engine 信息泄露漏洞 |
Critical |
Microsoft scripting Engine |
CVE-2019-1024 |
Chakra scripting Engine 内存破坏漏洞 |
Critical |
Microsoft scripting Engine |
CVE-2019-1051 |
Chakra scripting Engine 内存破坏漏洞 |
Critical |
Microsoft scripting Engine |
CVE-2019-1052 |
Chakra scripting Engine 内存破坏漏洞 |
Critical |
Microsoft scripting Engine |
CVE-2019-1080 |
scripting Engine 内存破坏漏洞 |
Moderate |
Microsoft Windows |
CVE-2019-0888 |
ActiveX Data Objects (ADO) 远程代码执行漏洞 |
Critical |
Microsoft Windows |
CVE-2019-0943 |
Windows ALPC 特权提升漏洞 |
Important |
Microsoft Windows |
CVE-2019-0948 |
Windows Event Viewer 信息泄露漏洞 |
Moderate |
Microsoft Windows |
CVE-2019-0959 |
Windows Common Log File System Driver 特权提升漏洞 |
Important |
Microsoft Windows |
CVE-2019-0984 |
Windows Common Log File System Driver 特权提升漏洞 |
Important |
Microsoft Windows |
CVE-2019-0709 |
Windows Hyper-V 远程代码执行漏洞 |
Critical |
Microsoft Windows |
CVE-2019-0710 |
Windows Hyper-V 拒绝服务漏洞 |
Important |
Microsoft Windows |
CVE-2019-0711 |
Windows Hyper-V 拒绝服务漏洞 |
Important |
Microsoft Windows |
CVE-2019-0713 |
Windows Hyper-V 拒绝服务漏洞 |
Important |
Microsoft Windows |
CVE-2019-0722 |
Windows Hyper-V 远程代码执行漏洞 |
Critical |
Microsoft Windows |
CVE-2019-0983 |
Windows Storage Service 特权提升漏洞 |
Important |
Microsoft Windows |
CVE-2019-0998 |
Windows Storage Service 特权提升漏洞 |
Important |
Microsoft Windows |
CVE-2019-1025 |
Windows 拒绝服务漏洞 |
Important |
Microsoft Windows |
CVE-2019-1043 |
Comctl32 远程代码执行漏洞 |
Important |
Microsoft Windows |
CVE-2019-1045 |
Windows Network File System 特权提升漏洞 |
Important |
Microsoft Windows |
CVE-2019-1064 |
Windows 特权提升漏洞 |
Important |
Microsoft Windows |
CVE-2019-1069 |
Task Scheduler 特权提升漏洞 |
Important |
Servicing Stack Updates |
ADV990001 |
Latest Servicing Stack Updates |
Critical |
Skype for Business and Microsoft Lync |
CVE-2019-1029 |
Skype for Business and Lync Server 拒绝服务漏洞 |
Important |
Team Foundation Server |
CVE-2019-0996 |
Azure DevOps Server 欺骗漏洞 |
Important |
vbscript |
CVE-2019-1005 |
scripting Engine 内存破坏漏洞 |
Important |
Windows Authentication Methods |
CVE-2019-1040 |
Windows NTLM Tampering Vulnerability |
Important |
Windows Hyper-V |
CVE-2019-0620 |
Windows Hyper-V 远程代码执行漏洞 |
Critical |
Windows IIS |
CVE-2019-0941 |
Microsoft IIS Server 拒绝服务漏洞 |
Important |
Windows Installer |
CVE-2019-0973 |
Windows Installer 特权提升漏洞 |
Important |
Windows Kernel |
CVE-2019-1014 |
Win32k 特权提升漏洞 |
Important |
Windows Kernel |
CVE-2019-1017 |
Win32k 特权提升漏洞 |
Important |
Windows Kernel |
CVE-2019-1039 |
Windows Kernel 信息泄露漏洞 |
Important |
Windows Kernel |
CVE-2019-1041 |
Windows Kernel 特权提升漏洞 |
Important |
Windows Kernel |
CVE-2019-1044 |
Windows Secure Kernel Mode 安全功能绕过漏洞 |
Important |
Windows Kernel |
CVE-2019-1065 |
Windows Kernel 特权提升漏洞 |
Important |
Windows Media |
CVE-2019-1007 |
Windows Audio Service 特权提升漏洞 |
Important |
Windows Media |
CVE-2019-1021 |
Windows Audio Service 特权提升漏洞 |
Important |
Windows Media |
CVE-2019-1022 |
Windows Audio Service 特权提升漏洞 |
Important |
Windows Media |
CVE-2019-1026 |
Windows Audio Service 特权提升漏洞 |
Important |
Windows Media |
CVE-2019-1027 |
Windows Audio Service 特权提升漏洞 |
Important |
Windows Media |
CVE-2019-1028 |
Windows Audio Service 特权提升漏洞 |
Important |
Windows NTLM |
CVE-2019-1019 |
Microsoft Windows 安全功能绕过漏洞 |
Important |
Windows Shell |
CVE-2019-0986 |
Windows User Profile Service 特权提升漏洞 |
Important |
Windows Shell |
CVE-2019-1053 |
Windows Shell 特权提升漏洞 |
Important |
修复建议
微软官方已经发布更新补丁,请及时进行补丁更新。
全文下载
/upload/contents/2019/06/20190612135502_70824.pdf