【漏洞通告】微软更新多个产品高危漏洞通告
【漏洞通告】微软更新多个产品高危漏洞通告
原创 威胁对抗能力部 [绿盟科技安全情报](javascript:void(0) 今天
通告编号:NS-2020-0027
2020-04-15
| TA****G: | 微软、安全更新、CVE-2020-0938、CVE-2020-1020、CVE-2020-1027、CVE-2020-0968 |
|---|---|
| 漏洞危害: | 攻击者利用本次安全更新中的漏洞,可造成信息泄露、特权提升、远程代码执行等 |
| 版本: | 1.0 |
1
漏洞概述
4月15日,微软发布4月安全补丁更新,修复了113个从简单的欺骗攻击到远程执行代码的安全问题,涉及Windows、Office、Internet Explorer、Edge、Windows Defender、Visual Studio等多个产品,其中包括3个已被在野利用的0-day漏洞。这三个漏洞分布在 Windows Adobe Type Manager Library 和Windows 内核中。
3月24日,微软发布编号为的ADV200006安全通告指出Adobe Type Manager Library在处理multi-master字体(Adobe Type 1 PostScript格式)时存在缺陷,攻击者可以精心构造恶意文档并诱使用户使用Windows Preview pane预览,从而利用该漏洞来远程执行代码。微软在三月的通告提供了相应的缓解措施,在本次月度更新中提供了修复补丁。
请相关用户及时更新补丁进行防护,详细漏洞列表请参考附录。
参考链接:
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Apr
SEE MORE →
2重点漏洞简述
本月微软月度更新修复的漏洞中,严重程度为关键(Critical)的漏洞共有 17个,重要(Important)漏洞有 96个。以下为此次更新中影响较大的漏洞,请相关用户着重进行关注:
- CVE-2020-1020、CVE-2020-0938:Adobe Font Manager库远程执行代码漏洞
这是两个影响Windows Adobe Type Manager Library 的远程代码执行漏洞,微软曾在三月下旬发布通告提供了相应的缓解措施,本次月度更新中提供了补丁。
漏洞缘于Windows Adobe Type Manager Library在处理multi-master字体(Adobe Type 1 PostScript格式)时存在缺陷。
对于除Windows 10以外的所有系统,成功利用该漏洞的攻击者可以远程执行代码。对于运行Windows 10的系统,成功利用该漏洞的攻击者可以在AppContainer沙盒上下文中以有限的权限执行代码。
Type 1字体分析远程执行代码漏洞通告及缓解措施请参阅文章:
https://mp.weixin.qq.com/s/7n-4VHSMyulfVAc5MNa7Jg
官方通告链接:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1020
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0938
- CVE-2020-1027:Windows内核特权提升漏洞
此漏洞存在于Windows内核处理内存中对象的过程中。成功利用此漏洞的攻击者能够以提升后的权限执行代码。
官方通告链接:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1027
- CVE-2020-0968:脚本引擎内存损坏漏洞
在 Internet Explorer 中,脚本引擎在处理内存中对象的过程中存在一个远程代码执行漏洞。该漏洞可破坏内存,使攻击者在当前用户的上下文中执行任意代码。成功利用此漏洞的攻击者可获得与当前用户相同的权限。如果当前用户以管理用户权限登录,成功利用该漏洞的攻击者可以完全控制受影响的系统。
官方通告链接:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0968
3影响范围
| 漏洞编号 | 受影响产品版本 |
|---|---|
| CVE-2020-1020、CVE-2020-0938 | Windows 10 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 Version 1607 for x64-based SystemsWindows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows 10 Version 1709 for x64-based SystemsWindows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows 10 Version 1803 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1909 for 32-bit SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 1909 for x64-based SystemsWindows 7 for 32-bit Systems Service Pack 1Windows 7 for x64-based Systems Service Pack 1Windows 8.1 for 32-bit systemsWindows 8.1 for x64-based systemsWindows RT 8.1Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for Itanium-Based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2012Windows Server 2012 (Server Core installation)Windows Server 2012 R2Windows Server 2012 R2 (Server Core installation)Windows Server 2016Windows Server 2016 (Server Core installation)Windows Server 2019Windows Server 2019 (Server Core installation)Windows Server, version 1803 (Server Core Installation)Windows Server, version 1903 (Server Core installation)Windows Server, version 1909 (Server Core installation) |
| CVE-2020-1027 | Windows 10 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 Version 1607 for x64-based SystemsWindows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows 10 Version 1709 for x64-based SystemsWindows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows 10 Version 1803 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1909 for 32-bit SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 1909 for x64-based SystemsWindows 7 for 32-bit Systems Service Pack 1Windows 7 for x64-based Systems Service Pack 1Windows 8.1 for 32-bit systemsWindows 8.1 for x64-based systemsWindows RT 8.1Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for Itanium-Based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2012Windows Server 2012 (Server Core installation)Windows Server 2012 R2Windows Server 2012 R2 (Server Core installation)Windows Server 2016Windows Server 2016 (Server Core installation)Windows Server 2019Windows Server 2019 (Server Core installation)Windows Server, version 1803 (Server Core Installation)Windows Server, version 1903 (Server Core installation)Windows Server, version 1909 (Server Core installation) |
| CVE-2020-0968 | Internet Explorer 11:Windows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for x64-based SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows Server 2019 4549949 Security UpdateWindows 10 Version 1909 for 32-bit SystemsWindows 10 Version 1909 for x64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1709 for x64-based SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 Version 1607 for x64-based SystemsWindows Server 2016Windows 7 for 32-bit Systems Service Pack 1Windows 7 for x64-based Systems Service Pack 1Windows 8.1 for 32-bit systemsWindows 8.1 for x64-based systemsWindows RT 8.1Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2012 4550917 Monthly RollupWindows Server 2012 R2 4550961 Monthly Rollup |
| Internet Explorer 9:Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2 |
4漏洞防护
4.1 补丁更新
目前微软官方已针对受支持的系统版本发布修复了以上漏洞的安全补丁,强烈建议受影响用户尽快安装补丁进行防护,官方下载链接:
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Apr
注:由于网络问题、计算机环境问题等原因,Windows Update的补丁更新可能出现失败。用户在安装补丁后,应及时检查补丁是否成功更新。
右键点击Windows徽标,选择“设置(N)”,选择“更新和安全”-“Windows更新”,查看该页面上的提示信息,也可点击“查看更新历史记录”查看历史更新情况。
针对未成功安装的更新,可点击更新名称跳转到微软官方下载页面,建议用户点击该页面上的链接,转到“Microsoft更新目录”网站下载独立程序包并安装。
附录产品漏洞列表
| 影响产品 | CVE 编号 | 漏洞标题 | 严重程度 |
|---|---|---|---|
| Microsoft Dynamics | CVE-2020-1022 | Dynamics Business Central 远程代码执行漏洞 | Critical |
| Microsoft Graphics Component | CVE-2020-0907 | Microsoft Graphics Components 远程代码执行漏洞 | Critical |
| Microsoft Graphics Component | CVE-2020-0687 | Microsoft Graphics 远程代码执行漏洞 | Critical |
| Microsoft Graphics Component | CVE-2020-0938 | Adobe Font Manager Library 远程代码执行漏洞 | Critical |
| Microsoft Graphics Component | CVE-2020-1020 | Adobe Font Manager Library 远程代码执行漏洞 | Critical |
| Microsoft Office | CVE-2020-0931 | Microsoft SharePoint 远程代码执行漏洞 | Critical |
| Microsoft Office SharePoint | CVE-2020-0929 | Microsoft SharePoint 远程代码执行漏洞 | Critical |
| Microsoft Office SharePoint | CVE-2020-0932 | Microsoft SharePoint 远程代码执行漏洞 | Critical |
| Microsoft Office SharePoint | CVE-2020-0974 | Microsoft SharePoint 远程代码执行漏洞 | Critical |
| Microsoft Scripting Engine | CVE-2020-0968 | Scripting Engine 内存破坏漏洞 | Critical |
| Microsoft Scripting Engine | CVE-2020-0969 | Chakra Scripting Engine 内存破坏漏洞 | Critical |
| Microsoft Scripting Engine | CVE-2020-0970 | Scripting Engine 内存破坏漏洞 | Critical |
| Microsoft Windows | CVE-2020-0965 | Microsoft Windows Codecs Library 远程代码执行漏洞 | Critical |
| Windows Hyper-V | CVE-2020-0910 | Windows Hyper-V 远程代码执行漏洞 | Critical |
| Windows Media | CVE-2020-0948 | Media Foundation 内存破坏漏洞 | Critical |
| Windows Media | CVE-2020-0949 | Media Foundation 内存破坏漏洞 | Critical |
| Windows Media | CVE-2020-0950 | Media Foundation 内存破坏漏洞 | Critical |
| Android App | CVE-2020-0943 | Microsoft YourPhone Application for Android Authentication Bypass Vulnerability | Important |
| Apps | CVE-2020-1019 | Microsoft RMS Sharing App for Mac 特权提升漏洞 | Important |
| Microsoft Dynamics | CVE-2020-1018 | Microsoft Dynamics Business Central/NAV Information Disclosure | Important |
| Microsoft Dynamics | CVE-2020-1049 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important |
| Microsoft Dynamics | CVE-2020-1050 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important |
| Microsoft Graphics Component | CVE-2020-0784 | DirectX 特权提升漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-0987 | Microsoft Graphics Component 信息泄露漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-1004 | Windows Graphics Component 特权提升漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-1005 | Microsoft Graphics Component 信息泄露漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-0952 | Windows GDI 信息泄露漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-0958 | Win32k 特权提升漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-0964 | GDI+ 远程代码执行漏洞 | Important |
| Microsoft Graphics Component | CVE-2020-0982 | Microsoft Graphics Component 信息泄露漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-0988 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-0992 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-0994 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-0995 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-0999 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-1008 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-0889 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-0953 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-0959 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft JET Database Engine | CVE-2020-0960 | Jet Database Engine 远程代码执行漏洞 | Important |
| Microsoft Office | CVE-2020-0760 | Microsoft Office 远程代码执行漏洞 | Important |
| Microsoft Office | CVE-2020-0906 | Microsoft Excel 远程代码执行漏洞 | Important |
| Microsoft Office | CVE-2020-0935 | OneDrive for Windows 特权提升漏洞 | Important |
| Microsoft Office | CVE-2020-0979 | Microsoft Excel 远程代码执行漏洞 | Important |
| Microsoft Office | CVE-2020-0980 | Microsoft Word 远程代码执行漏洞 | Important |
| Microsoft Office | CVE-2020-0991 | Microsoft Office 远程代码执行漏洞 | Important |
| Microsoft Office | CVE-2020-0961 | Microsoft Office Access Connectivity Engine 远程代码执行漏洞 | Important |
| Microsoft Office | CVE-2020-0984 | Microsoft (MAU) Office 特权提升漏洞 | Important |
| Microsoft Office SharePoint | CVE-2020-0920 | Microsoft SharePoint 远程代码执行漏洞 | Important |
| Microsoft Office SharePoint | CVE-2020-0923 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-0924 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-0925 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-0926 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-0927 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-0930 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-0933 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-0954 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-0971 | Microsoft SharePoint 远程代码执行漏洞 | Important |
| Microsoft Office SharePoint | CVE-2020-0972 | Microsoft SharePoint 欺骗漏洞 | Important |
| Microsoft Office SharePoint | CVE-2020-0973 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-0975 | Microsoft SharePoint 欺骗漏洞 | Important |
| Microsoft Office SharePoint | CVE-2020-0976 | Microsoft SharePoint 欺骗漏洞 | Important |
| Microsoft Office SharePoint | CVE-2020-0977 | Microsoft SharePoint 欺骗漏洞 | Important |
| Microsoft Office SharePoint | CVE-2020-0978 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Windows | CVE-2020-0794 | Windows 拒绝服务漏洞 | Important |
| Microsoft Windows | CVE-2020-0944 | Connected User Experiences and Telemetry Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1001 | Windows Push Notification Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1006 | Windows Push Notification Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1029 | Connected User Experiences and Telemetry Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-0934 | Windows 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-0940 | Windows Push Notification Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-0942 | Connected User Experiences and Telemetry Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-0981 | Windows Token 安全功能绕过漏洞 | Important |
| Microsoft Windows | CVE-2020-1009 | Windows 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1011 | Windows 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1016 | Windows Push Notification Service 信息泄露漏洞 | Important |
| Microsoft Windows | CVE-2020-1017 | Windows Push Notification Service 特权提升漏洞 | Important |
| Microsoft Windows | CVE-2020-1094 | Windows Work Folder Service 特权提升漏洞 | Important |
| Microsoft Windows DNS | CVE-2020-0993 | Windows DNS 拒绝服务漏洞 | Important |
| Open Source Software | CVE-2020-1026 | MSR JavaScript Cryptography Library 安全功能绕过漏洞 | Important |
| Remote Desktop Client | CVE-2020-0919 | Microsoft Remote Desktop App for Mac 特权提升漏洞 | Important |
| Visual Studio | CVE-2020-0899 | Microsoft Visual Studio 特权提升漏洞 | Important |
| Visual Studio | CVE-2020-0900 | Visual Studio Extension Installer Service 特权提升漏洞 | Important |
| Windows Defender | CVE-2020-0835 | Windows Defender Antimalware Platform Hard Link 特权提升漏洞 | Important |
| Windows Defender | CVE-2020-1002 | Microsoft Defender 特权提升漏洞 | Important |
| Windows Hyper-V | CVE-2020-0917 | Windows Hyper-V 特权提升漏洞 | Important |
| Windows Hyper-V | CVE-2020-0918 | Windows Hyper-V 特权提升漏洞 | Important |
| Windows Kernel | CVE-2020-0913 | Windows Kernel 特权提升漏洞 | Important |
| Windows Kernel | CVE-2020-0955 | Windows Kernel Information Disclosure in CPU Memory Access | Important |
| Windows Kernel | CVE-2020-1000 | Windows Kernel 特权提升漏洞 | Important |
| Windows Kernel | CVE-2020-1003 | Windows Kernel 特权提升漏洞 | Important |
| Windows Kernel | CVE-2020-1007 | Windows Kernel 信息泄露漏洞 | Important |
| Windows Kernel | CVE-2020-1027 | Windows Kernel 特权提升漏洞 | Important |
| Windows Kernel | CVE-2020-0699 | Win32k 信息泄露漏洞 | Important |
| Windows Kernel | CVE-2020-0821 | Windows Kernel 信息泄露漏洞 | Important |
| Windows Kernel | CVE-2020-0888 | DirectX 特权提升漏洞 | Important |
| Windows Kernel | CVE-2020-0936 | Windows Scheduled Task 特权提升漏洞 | Important |
| Windows Kernel | CVE-2020-0956 | Win32k 特权提升漏洞 | Important |
| Windows Kernel | CVE-2020-0957 | Win32k 特权提升漏洞 | Important |
| Windows Kernel | CVE-2020-0962 | Win32k 信息泄露漏洞 | Important |
| Windows Kernel | CVE-2020-1015 | Windows 特权提升漏洞 | Important |
| Windows Media | CVE-2020-0945 | Media Foundation 信息泄露漏洞 | Important |
| Windows Media | CVE-2020-0946 | Media Foundation 信息泄露漏洞 | Important |
| Windows Media | CVE-2020-0947 | Media Foundation 信息泄露漏洞 | Important |
| Windows Media | CVE-2020-0937 | Media Foundation 信息泄露漏洞 | Important |
| Windows Media | CVE-2020-0939 | Media Foundation 信息泄露漏洞 | Important |
| Windows Update Stack | CVE-2020-0985 | Windows Update Stack 特权提升漏洞 | Important |
| Windows Update Stack | CVE-2020-0996 | Windows Update Stack 特权提升漏洞 | Important |
| Windows Update Stack | CVE-2020-0983 | Windows 特权提升漏洞 | Important |
| Windows Update Stack | CVE-2020-1014 | Microsoft Windows Update Client 特权提升漏洞 | Important |
| Microsoft Scripting Engine | CVE-2020-0895 | Windows VBScript Engine 远程代码执行漏洞 | Low |
| Microsoft Scripting Engine | CVE-2020-0966 | VBScript 远程代码执行漏洞 | Low |
| Microsoft Scripting Engine | CVE-2020-0967 | VBScript 远程代码执行漏洞 | Moderate |
转载自https://mp.weixin.qq.com/s/igHraZnoLWBYOGXqqE2ing