【漏洞通告】微软5月安全更新多个产品高危漏洞通告
2023-09-11 14:17:07 时间
【漏洞通告】微软5月安全更新多个产品高危漏洞通告
威胁对抗能力部 [绿盟科技安全情报](javascript:void(0)😉 今天
通告编号:NS-2020-0032
2020-05-13
| TAG: | 安全更新、Windows、IE、Office、Edge、Visual Studio |
|---|---|
| 漏洞危害: | 攻击者利用本次安全更新中的漏洞,可造成信息泄露、特权提升、远程代码执行等。 |
| 版本: | 1.0 |
1
漏洞概述
北京时间5月13日,微软发布5月安全更新补丁,修复了111个安全问题,涉及Microsoft Windows、Internet Explorer、Microsoft Edge、.NET Framework、Microsoft Office、Visual Studio等广泛使用的产品,其中包括特权提升和远程代码执行等高危漏洞类型。
本月微软月度更新修复的漏洞中,严重程度为关键(Critical)的漏洞共有16个,重要(Important)漏洞有95个。其中Win32k 特权提升(CVE-2020-1054)漏洞的PoC已公开,请相关用户及时更新补丁进行防护,详细漏洞列表请参考附录。
参考链接:
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-May
SEE MORE →
2重点漏洞简述
根据产品流行度和漏洞重要性筛选出此次更新中包含影响较大的漏洞,请相关用户重点进行关注:
CVE-2020-1054(PoC已公开)/CVE-2020-1143**:**Win32k 特权提升漏洞
由于Windows kernel-mode driver未能正确处理内存中的对象,导致存在两个特权提升漏洞。攻击者可通过登录目标系统并运行特制的应用程序来进行利用,成功利用此漏洞的攻击者可以在系统内核模式中执行任意代码。
官方通告链接:
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1054
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1143
CVE-2020-1067**:**Windows 远程执行代码漏洞
Windows 在处理内存对象的过程中存在远程执行代码漏洞。具有域用户帐户的攻击者通过发送特殊的请求,从而使 Windows 执行提升权限的任意代码。成功利用此漏洞可以在受影响的Windows上以更高的权限执行任意代码。
官方通告链接:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1067
CVE-2020-1153**:**Microsoft 图形组件远程代码执行漏洞
Microsoft Graphics Components在处理内存对象的过程中存在远程代码执行漏洞。攻击者可通过诱导用户打开特制文件来利用此漏洞,成功利用此漏洞的攻击者可在目标系统上执行任意代码。
官方通告链接:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1153
CVE-2020-1062**:**Internet Explorer 内存损坏漏洞
当 Internet Explorer 不正确地访问内存中的对象时,存在远程执行代码漏洞。该漏洞可能以一种攻击者可以在当前用户的上下文中执行任意代码的方式损坏内存。成功利用该漏洞的攻击者可以获得与当前用户相同的用户权限。当用户访问一个特别设计的、由攻击者控制的web页面时,可能会触发此漏洞。
官方通告链接:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1062
CVE-2020-1023**、CVE-2020-1024、CVE-2020–1102和CVE-2020-1069:**Microsoft SharePoint 远程执行代码漏洞
以上4个为微软SharePoint中的远程代码执行漏洞。攻击者可以利用此类漏洞获得在受影响终端或服务器上执行任意代码的能力。由于SharePoint无法检查应用程序包的源标记,前3个漏洞可以诱导用户打开一个特别制作的SharePoint应用程序文件从而进行利用。由于SharePoint Server无法正确识别和筛选不安全的 ASP.NET Web 控件,经过身份验证的攻击者通过上传一个特别制作的页面到SharePoint服务器,可成功利用CVE-2020-1069漏洞。
官方通告链接:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1023
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1024
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1102
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1069
CVE-2020-0901**:**Microsoft Excel 远程执行代码漏洞
由于Microsoft Excel无法正确处理内存中的对象,导致存在远程执行代码漏洞。攻击者通过诱使用户使用受影响版本的Microsoft Excel打开经过特殊设计的文件进行利用。成功利用此漏洞的攻击者可以获得与当前用户相同的系统控制权限。
官方通告链接:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0901
3影响范围
以下为重点关注漏洞的受影响产品版本,其他漏洞影响产品范围请参阅官方通告链接。
| 漏洞编号 | 受影响产品版本 |
|---|---|
| CVE-2020-1054CVE-2020-1143CVE-2020-1067CVE-2020-1153 | Windows 10 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 Version 1607 for x64-based SystemsWindows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows 10 Version 1709 for x64-based SystemsWindows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows 10 Version 1803 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1909 for 32-bit SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 1909 for x64-based SystemsWindows 7 for 32-bit Systems Service Pack 1Windows 7 for x64-based Systems Service Pack 1Windows 8.1 for 32-bit systemsWindows 8.1 for x64-based systemsWindows RT 8.1Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for Itanium-Based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2012Windows Server 2012 (Server Core installation)Windows Server 2012 R2Windows Server 2012 R2 (Server Core installation)Windows Server 2016Windows Server 2016 (Server Core installation)Windows Server 2019Windows Server 2019 (Server Core installation)Windows Server, version 1803 (Server Core Installation)Windows Server, version 1903 (Server Core installation)Windows Server, version 1909 (Server Core installation) |
| CVE-2020-1062 | Internet Explorer 11:Windows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for x64-based SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows Server 2019Windows 10 Version 1909 for 32-bit SystemsWindows 10 Version 1909 for x64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1709 for x64-based SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 Version 1607 for x64-based SystemsWindows Server 2016Windows 7 for 32-bit Systems Service Pack 1Windows 7 for x64-based Systems Service Pack 1Windows 8.1 for 32-bit systemsWindows 8.1 for x64-based systemsWindows RT 8.1Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2012Windows Server 2012 R2 |
| Internet Explorer 9:Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2 | |
| CVE-2020-1023CVE-2020-1024CVE-2020-1069 | Microsoft SharePoint Enterprise Server 2016Microsoft SharePoint Foundation 2013 Service Pack 1Microsoft SharePoint Server 2019 |
| CVE-2020–1102 | Microsoft SharePoint Enterprise Server 2016Microsoft SharePoint Server 2019 |
| CVE-2020-0901 | Microsoft 365 Apps for Enterprise for 32-bit SystemsMicrosoft 365 Apps for Enterprise for 64-bit SystemsMicrosoft Excel 2010 Service Pack 2 (32-bit editions)Microsoft Excel 2010 Service Pack 2 (64-bit editions)Microsoft Excel 2013 RT Service Pack 1Microsoft Excel 2013 Service Pack 1 (32-bit editions)Microsoft Excel 2013 Service Pack 1 (64-bit editions)Microsoft Excel 2016 (32-bit edition)Microsoft Excel 2016 (64-bit edition)Microsoft Office 2016 for MacMicrosoft Office 2019 for 32-bit editionsMicrosoft Office 2019 for 64-bit editionsMicrosoft Office 2019 for Mac |
4漏洞防护
4.1 补丁更新
目前微软官方已针对受支持的产品版本发布了修复以上漏洞的安全补丁,强烈建议受影响用户尽快安装补丁进行防护,官方下载链接:
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-May
注:由于网络问题、计算机环境问题等原因,Windows Update的补丁更新可能出现失败。用户在安装补丁后,应及时检查补丁是否成功更新。
右键点击Windows图标,选择“设置(N)”,选择“更新和安全”-“Windows更新”,查看该页面上的提示信息,也可点击“查看更新历史记录”查看历史更新情况。
针对未成功安装的更新,可点击更新名称跳转到微软官方下载页面,建议用户点击该页面上的链接,转到“Microsoft更新目录”网站下载独立程序包并安装。
附录:漏洞列表
| 影响产品 | CVE 编号 | 漏洞标题 | 严重程度 |
|---|---|---|---|
| Microsoft Graphics Component | CVE-2020-1117 | Microsoft Color Management 远程代码执行漏洞 | Critical |
| Microsoft Graphics Component | CVE-2020-1153 | Microsoft Graphics Components 远程代码执行漏洞 | Critical |
| Microsoft Office SharePoint | CVE-2020-1023 | Microsoft SharePoint 远程代码执行漏洞 | Critical |
| Microsoft Office SharePoint | CVE-2020-1024 | Microsoft SharePoint 远程代码执行漏洞 | Critical |
| Microsoft Scripting Engine | CVE-2020-1037 | Chakra Scripting Engine 内存破坏漏洞 | Critical |
| Microsoft Office SharePoint | CVE-2020-1069 | Microsoft SharePoint Server 远程代码执行漏洞 | Critical |
| Microsoft Office SharePoint | CVE-2020-1102 | Microsoft SharePoint 远程代码执行漏洞 | Critical |
| Microsoft Scripting Engine | CVE-2020-1065 | Scripting Engine 内存破坏漏洞 | Critical |
| Microsoft Windows | CVE-2020-1028 | Media Foundation 内存破坏漏洞 | Critical |
| Microsoft Windows | CVE-2020-1126 | Media Foundation 内存破坏漏洞 | Critical |
| Microsoft Windows | CVE-2020-1136 | Media Foundation 内存破坏漏洞 | Critical |
| Visual Studio | CVE-2020-1192 | Visual Studio Code Python Extension 远程代码执行漏洞 | Critical |
| Internet Explorer | CVE-2020-1064 | MSHTML Engine 远程代码执行漏洞 | Critical |
| Internet Explorer | CVE-2020-1093 | VBScript 远程代码执行漏洞 | Critical |
| Microsoft Edge | CVE-2020-1056 | Microsoft Edge 特权提升漏洞 | Critical |
| Internet Explorer | CVE-2020-1062 | Internet Explorer 内存破坏漏洞 | Critical |
| .NET Core | CVE-2020-1108 | .NET Core & .NET Framework 拒绝服务漏洞 | Important |
| .NET Core | CVE-2020-1161 | ASP.NET Core 拒绝服务漏洞 | Important |
| .NET Framework | CVE-2020-1066 | .NET Framework 特权提升漏洞 | Important |
| Active Directory | CVE-2020-1055 | Microsoft Active Directory Federation Services 跨站脚本漏洞 | Important |
| Common Log File System Driver | CVE-2020-1154 | Windows Common Log File System Driver 特权提升漏洞 | Important |
| Microsoft Dynamics | CVE-2020-1063 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important |
| Microsoft Edge | CVE-2020-1059 | Microsoft Edge 欺骗漏洞 | Important |
| Microsoft Edge | CVE-2020-1096 | Microsoft Edge PDF 远程代码执行漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-0963 | Windows GDI 信息泄露漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-1054 | Win32k 特权提升漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-1135 | Windows Graphics Component 特权提升漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-1140 | DirectX 特权提升漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-1179 | Windows GDI 信息泄露漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-1141 | Windows GDI 信息泄露漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-1142 | Windows GDI 特权提升漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-1145 | Windows GDI 信息泄露漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-1175 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-1051 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-1174 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-1176 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft Office | CVE-2020-0901 | Microsoft Excel 远程代码执行漏洞 | Important |
| Microsoft Office SharePoint | CVE-2020-1099 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-1101 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-1107 | Microsoft SharePoint 欺骗漏洞 | Important |
| Microsoft Office SharePoint | CVE-2020-1100 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-1103 | Microsoft SharePoint 信息泄露漏洞 | Important |
| Microsoft Office SharePoint | CVE-2020-1104 | Microsoft SharePoint 欺骗漏洞 | Important |
| Microsoft Office SharePoint | CVE-2020-1105 | Microsoft SharePoint 欺骗漏洞 | Important |
| Microsoft Office SharePoint | CVE-2020-1106 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Windows | CVE-2020-1021 | Windows Error Reporting 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1010 | Microsoft Windows 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1048 | Windows Print Spooler 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1071 | Windows Remote Access Common Dialog 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1076 | Windows 拒绝服务漏洞 | Important |
| Microsoft Windows | CVE-2020-1078 | Windows Installer 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1084 | Connected User Experiences and Telemetry Service 拒绝服务漏洞 | Important |
| Microsoft Windows | CVE-2020-1116 | Windows CSRSS 信息泄露漏洞 | Important |
| Microsoft Windows | CVE-2020-1118 | Microsoft Windows Transport Layer Security 拒绝服务漏洞 | Important |
| Microsoft Windows | CVE-2020-1124 | Windows State Repository Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1134 | Windows State Repository Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1137 | Windows Push Notification Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1138 | Windows Storage Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1143 | Win32k 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1144 | Windows State Repository Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1149 | Windows Runtime 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1150 | Media Foundation 内存破坏漏洞 | Important |
| Microsoft Windows | CVE-2020-1151 | Windows Runtime 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1155 | Windows Runtime 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1156 | Windows Runtime 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1157 | Windows Runtime 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1158 | Windows Runtime 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1186 | Windows State Repository Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1189 | Windows State Repository Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1190 | Windows State Repository Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1067 | Windows 远程代码执行漏洞 | Important |
| Microsoft Windows | CVE-2020-1068 | Microsoft Windows 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1070 | Windows Print Spooler 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1072 | Windows Kernel 信息泄露漏洞 | Important |
| Microsoft Windows | CVE-2020-1077 | Windows Runtime 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1079 | Microsoft Windows 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1081 | Windows Printer Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1082 | Windows Error Reporting 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1086 | Windows Runtime 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1088 | Windows Error Reporting 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1090 | Windows Runtime 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1111 | Windows Clipboard Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1112 | Windows Background Intelligent Transfer Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1121 | Windows Clipboard Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1123 | Connected User Experiences and Telemetry Service 拒绝服务漏洞 | Important |
| Microsoft Windows | CVE-2020-1125 | Windows Runtime 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1131 | Windows State Repository Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1132 | Windows Error Reporting Manager 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1139 | Windows Runtime 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1164 | Windows Runtime 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1165 | Windows Clipboard Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1166 | Windows Clipboard Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1184 | Windows State Repository Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1185 | Windows State Repository Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1187 | Windows State Repository Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1188 | Windows State Repository Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1191 | Windows State Repository Service 特权提升漏洞 | Important |
| Power BI | CVE-2020-1173 | Microsoft Power BI Report Server 欺骗漏洞 | Important |
| Visual Studio | CVE-2020-1171 | Visual Studio Code Python Extension 远程代码执行漏洞 | Important |
| Windows Hyper-V | CVE-2020-0909 | Windows Hyper-V 拒绝服务漏洞 | Important |
| Windows Kernel | CVE-2020-1114 | Windows Kernel 特权提升漏洞 | Important |
| Windows Kernel | CVE-2020-1087 | Windows Kernel 特权提升漏洞 | Important |
| Windows Scripting | CVE-2020-1061 | Microsoft Script Runtime 远程代码执行漏洞 | Important |
| Windows Subsystem for Linux | CVE-2020-1075 | Windows Subsystem for Linux 信息泄露漏洞 | Important |
| Windows Task Scheduler | CVE-2020-1113 | Windows Task Scheduler 安全功能绕过漏洞 | Important |
| Windows Update Stack | CVE-2020-1110 | Windows Update Stack 特权提升漏洞 | Important |
| Windows Update Stack | CVE-2020-1109 | Windows Update Stack 特权提升漏洞 | Important |
| Internet Explorer | CVE-2020-1092 | Internet Explorer 内存破坏漏洞 | Important |
| Microsoft Scripting Engine | CVE-2020-1035 | VBScript 远程代码执行漏洞 | Important |
| Microsoft Scripting Engine | CVE-2020-1058 | VBScript 远程代码执行漏洞 | Important |
| Microsoft Scripting Engine | CVE-2020-1060 | VBScript 远程代码执行漏洞 | Important |
转载自https://mp.weixin.qq.com/s/FdEQbtW357t_ms6ilUnZiA
相关文章
- 安全测试全面总结-6-SQL注入漏洞
- 红队|域渗透重要漏洞总结
- Struts2 S2-061(CVE-2020-17530)漏洞复现
- 常见支付漏洞挖掘思路
- 19 - vulhub - docker daemon api 未授权访问漏洞
- 12 - vulhub - Couchdb 垂直权限绕过漏洞(CVE-2017-12635)
- WEB漏洞攻防 - 文件上传漏洞 - 文件上传编辑类应用场景 - Ueditor 任意文件上传漏洞
- WEB漏洞攻防 - 文件上传漏洞 - 条件竞争 [代码逻辑]
- 升级过log4j,却还没搞懂log4j漏洞的本质?
- 又一数据库高危漏洞爆出,数据安全如何有效保障?
- 【收藏】十大Webserver漏洞扫描工具
- 文件上传漏洞及常见的利用方式