SetYun-教您优惠购买云主机!

标题: 【安全预警】关于微软2018年11月安全补丁更新说明 [打印本页]

作者: SetYun    时间: 2018-11-28 09:26
标题: 【安全预警】关于微软2018年11月安全补丁更新说明
尊敬的腾讯云客户,您好:       近日,腾讯云安全中心监测到微软近期发布了 11 月安全补丁更新,共披露了 53 个安全漏洞,其中包含 11 个严重漏洞,攻击者可利用漏洞实施权限提升、远程代码执行等攻击。       为避免您的业务受影响,腾讯云安全中心建议您及时开展安全自查,如在受影响范围,请您及时进行更新修复,避免被外部攻击者入侵。


【漏洞详情】
严重漏洞(11个):
CVE-2018-8541 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8542 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8543 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8551 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8555 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8556 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8557 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8588 - Chakra scripting engine memory corruption vulnerability
CVE-2018-8476 - Windows Deployment Services TFTP server remote code execution vulnerability
CVE-2018-8553 - Microsoft Graphics Components remote code execution vulnerability
CVE-2018-8544 - VBScript engine remote code execution vulnerability

重要漏洞(40个):
CVE-2018-8256 - PowerShell remote code execution vulnerability
CVE-2018-8574 - Microsoft Excel remote code execution vulnerability
CVE-2018-8577 - Microsoft Excel remote code execution vulnerability
CVE-2018-8582 - Microsoft Outlook remote code execution vulnerability
CVE-2018-8450 - Windows Search remote code execution vulnerability
CVE-2018-8550 - Windows COM Aggregate Marshaler elevation of privilege vulnerability
CVE-2018-8570 - Internet Explorer remote code execution vulnerability
CVE-2018-8408 - Windows kernel information disclosure vulnerability
CVE-2018-8415 - PowerShell tampering vulnerability
CVE-2018-8417 - Microsoft JScript security feature bypass vulnerability
CVE-2018-8471 - Microsoft RemoteFX Virtual GPU miniport driver elevation of privilege vulnerability
CVE-2018-8485 - DirectX elevation of privilege vulnerability
CVE-2018-8522 - Microsoft Outlook remote code execution vulnerability
CVE-2018-8524 - Microsoft Outlook remote code execution vulnerability
CVE-2018-8539 - Microsoft Word remote code execution vulnerability
CVE-2018-8545 - An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests
CVE-2018-8547 - Microsoft Edge cross-site-scripting (XSS) vulnerability
CVE-2018-8549 - Windows security feature bypass vulnerability
CVE-2018-8552 - Internet Explorer remote code execution vulnerability
CVE-2018-8554 - DirectX elevation of privilege vulnerability
CVE-2018-8558 - Microsoft Outlook information disclosure vulnerability
CVE-2018-8561 - DirectX elevation of privilege vulnerability
CVE-2018-8562 - Windows elevation of privilege vulnerability
CVE-2018-8563 - DirectX information disclosure vulnerability
CVE-2018-8564 - Microsoft Edge spoofing vulnerability
CVE-2018-8565 - win32k information disclosure vulnerability
CVE-2018-8566 - Windows security feature bypass vulnerability
CVE-2018-8567 - Microsoft Edge elevation of privilege vulnerability
CVE-2018-8568 - Microsoft SharePoint elevation of privilege vulnerability
CVE-2018-8572 - Microsoft SharePoint elevation of privilege vulnerability
CVE-2018-8573 - Microsoft Word remote code execution vulnerability
CVE-2018-8575 - Microsoft Project software remote code execution vulnerability
CVE-2018-8576 - Microsoft Outlook remote code execution vulnerability
CVE-2018-8578 - Microsoft SharePoint Server elevation of privilege vulnerability
CVE-2018-8579 - Microsoft Outlook information disclosure vulnerability
CVE-2018-8581 - Microsoft Exchange Server elevation of privilege vulnerability
CVE-2018-8584 - Windows elevation of privilege vulnerability
CVE-2018-8589 - Windows elevation of privilege vulnerability
CVE-2018-8592 - Windows 10 version 1809 elevation of privilege vulnerability
CVE-2018-8407 - "Kernel Remote Procedure Call Provider" driver  information disclosure vulnerability



【风险等级】
   高风险

【漏洞风险】
   代码执行、权限提升、安全绕过以及信息泄露;

【影响版本】
目前已知受影响产品如下:
Microsoft Edge
Internet Explorer
Chakra Scripting Engine
Microsoft Office
Windows Kernel


【修复建议】
目前微软官方均已发布漏洞修复更新,腾讯云安全团队建议您:
1)不要打开来历不明的文件或者链接,避免被被攻击者利用在机器上执行恶意代码;
2)打开Windows Update更新功能,点击“检查更新”,根据业务情况开展评估,下载安装相应的安全补丁;
3)补丁更新完毕后,重启系统生效,并观察系统及业务运行状态;
您也可以直接通过微软官方链接进行下载安装,补丁下载地址:https://portal.msrc.microsoft.com/en-us/security-guidance
【备注】建议您在安装补丁前做好数据备份工作,避免出现意外。


【漏洞参考】
  1)官方通告:https://portal.msrc.microsoft.com/en-us/security-guidance
  2)外部分析:https://blog.talosintelligence.com/2018/11/microsoft-patch-tuesday-october-2018_13.html








欢迎光临 SetYun-教您优惠购买云主机! (http://news.setyun.cn/) Powered by Discuz! X3.3