¡¾Îó²îͨ¸æ¡¿Î¢Èí5Ô¶à¸öÇå¾²Îó²î

Ðû²¼Ê±¼ä 2024-05-15


Ò»¡¢Îó²î¸ÅÊö

2024Äê5ÔÂ14ÈÕ£¬£¬£¬£¬£¬Î¢ÈíÐû²¼ÁË5ÔÂÇå¾²¸üУ¬£¬£¬£¬£¬±¾´Î¸üй²ÐÞ¸´ÁË61¸öÎó²î£¨²»°üÀ¨Ö®Ç°ÐÞ¸´µÄMicrosoft EdgeÎó²î£©£¬£¬£¬£¬£¬Îó²îÀàÐÍ°üÀ¨ÌØȨÌáÉýÎó²î¡¢Çå¾²¹¦Ð§ÈƹýÎó²î¡¢Ô¶³Ì´úÂëÖ´ÐÐÎó²î¡¢ÐÅϢй¶Îó²î¡¢¾Ü¾øЧÀÍÎó²îºÍÓÕÆ­Îó²îµÈ¡£¡£¡£

±¾´ÎÇå¾²¸üÐÂÐÞ¸´ÁË3¸ö0 dayÎó²î£¬£¬£¬£¬£¬ÆäÖÐÁ½¸öÒÑ·¢Ã÷±»Ê¹Ó㬣¬£¬£¬£¬CVE-2024-30046ÒѹûÕæÅû¶£º

CVE-2024-30040£ºWindows MSHTML PlatformÇå¾²¹¦Ð§ÈƹýÎó²î

Windows MSHTMLƽ̨±£´æÇå¾²¹¦Ð§ÈƹýÎó²î£¬£¬£¬£¬£¬ÆäCVSSÆÀ·ÖΪ8.2£¬£¬£¬£¬£¬¿ÉÄܵ¼ÖÂÈƹý Microsoft 365 ºÍ Microsoft Office ÖеÄOLE»º½â²½·¥£¬£¬£¬£¬£¬ÍþвÕß¿Éͨ¹ýÓÕµ¼Óû§·­¿ª¶ñÒâÎĵµÀ´»ñµÃ´úÂëÖ´ÐÐȨÏÞ£¬£¬£¬£¬£¬ÀÖ³ÉʹÓÿÉÄܵ¼ÖÂÔÚÓû§µÄÉÏÏÂÎÄÖÐÖ´ÐÐí§Òâ´úÂë¡£¡£¡£ÏÖÔÚ¸ÃÎó²îÒѼì²âµ½Îó²îʹÓᣡ£¡£

CVE-2024-30051£ºWindows DWM Core LibraryÌØȨÌáÉýÎó²î

Windows DWM ½¹µã¿âÖб£´æ»º³åÇøÒç³öÎó²î£¬£¬£¬£¬£¬ÆäCVSSÆÀ·ÖΪ7.8£¬£¬£¬£¬£¬ÍâµØµÍȨÏÞÍþвÕß¿ÉʹÓøÃÎó²îʵÏÖȨÏÞÌáÉý£¬£¬£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²î¿É»ñµÃSYSTEMȨÏÞ¡£¡£¡£ÏÖÔÚ¸ÃÎó²îÒѾ­¹ûÕæÅû¶£¬£¬£¬£¬£¬ÇÒÒÑ·¢Ã÷Qakbot¶ñÒâÈí¼þ´¹ÂÚ¹¥»÷ʹÓöñÒâÎĵµÀ´Ê¹ÓøÃÎó²î²¢ÔÚWindows×°±¸ÉÏ»ñµÃSYSTEMȨÏÞ¡£¡£¡£

CVE-2024-30046£ºVisual Studio¾Ü¾øЧÀÍÎó²î

Visual StudioÖб£´æ¾ºÕùÌõ¼þÎó²î£¬£¬£¬£¬£¬ÆäCVSSÆÀ·ÖΪ5.9£¬£¬£¬£¬£¬ÀÖ³ÉʹÓÿÉÄܵ¼Ö¾ܾøЧÀÍ¡£¡£¡£ÏÖÔÚ¸ÃÎó²îÒѾ­¹ûÕæÅû¶£¬£¬£¬£¬£¬Î¢ÈíµÄ¿ÉʹÓÃÐÔÆÀ¹ÀΪ ¡°±»Ê¹ÓõĿÉÄÜÐÔ½ÏС¡±¡£¡£¡£

±¾´ÎÇå¾²¸üÐÂÖÐÐÞ¸´µÄ1¸öÑÏÖØÎó²îΪ£º

CVE-2024-30044£ºMicrosoft SharePoint Server Ô¶³Ì´úÂëÖ´ÐÐÎó²î

Microsoft SharePoint ServerÖб£´æ·´ÐòÁл¯Îó²î£¬£¬£¬£¬£¬ÆäCVSSÆÀ·ÖΪ8.8£¬£¬£¬£¬£¬¾ßÓÐÍøÕ¾ËùÓÐÕßȨÏ޵ľ­ÓÉÉí·ÝÑéÖ¤µÄÍþвÕß¿ÉÒÔ½«ÌØÖÆÎļþÉÏ´«µ½Ä¿µÄ Sharepoint Server£¬£¬£¬£¬£¬²¢ÖÆ×÷ÌØÖÆAPIÇëÇóÒÔ´¥·¢Îļþ²ÎÊýµÄ·´ÐòÁл¯£¬£¬£¬£¬£¬ÀÖ³ÉʹÓÿÉÄܵ¼ÖÂÔÚ Sharepoint ServerµÄÉÏÏÂÎÄÖе¼ÖÂÔ¶³Ì´úÂëÖ´ÐС£¡£¡£ÏÖÔÚ¸ÃÎó²îÔÝδ¹ûÕæÅû¶£¬£¬£¬£¬£¬Î¢ÈíµÄ¿ÉʹÓÃÐÔÆÀ¹ÀΪ ¡°±»Ê¹ÓõĿÉÄÜÐԽϸߡ±¡£¡£¡£

³ýÉÏÊöÍâÎó²îÍ⣬£¬£¬£¬£¬Î¢ÈíµÄ¿ÉʹÓÃÐÔÆÀ¹ÀÖÐÆäËû¡°±»Ê¹ÓõĿÉÄÜÐԽϸߡ±µÄÎó²î»¹°üÀ¨£º

l  CVE-2024-29996/CVE-2024-30025/CVE-2024-30037£ºWindows Common Log File System DriverÌØȨÌáÉýÎó²î

Windows ͨÓÃÈÕÖ¾ÎļþϵͳÇý¶¯³ÌÐòÖб£´æ¶à¸öÔ½½ç¶ÁÈ¡Îó²î£¬£¬£¬£¬£¬ÀÖ³ÉʹÓÿɻñµÃSYSTEMȨÏÞ¡£¡£¡£

l  CVE-2024-30032/ CVE-2024-30035£ºWindows DWM Core LibraryÌØȨÌáÉýÎó²î

Windows DWM ½¹µã¿âÖб£´æ¶à¸öUse-After-FreeÎó²î£¬£¬£¬£¬£¬ÀÖ³ÉʹÓÿɻñµÃSYSTEMȨÏÞ¡£¡£¡£

l  CVE-2024-30034£ºWindows Cloud Files Mini Filter DriverÐÅϢй¶Îó²î

Windows Cloud Files Mini FilterÇý¶¯³ÌÐòÖб£´æÀàÐÍ»ìÏýÎó²î£¬£¬£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²î¿ÉÄܵ¼ÖÂijЩÄÚºËÄÚ´æÐÅϢй¶¡£¡£¡£

l  CVE-2024-30038£ºWin32k ÌØȨÌáÉýÎó²î

Win32k.sys Çý¶¯³ÌÐòÖб£´æ»º³åÇøÒç³öÎó²î£¬£¬£¬£¬£¬¾­ÓÉÉí·ÝÑéÖ¤µÄÍâµØÍþвÕß¿ÉʹÓøÃÎó²î½«È¨ÏÞÌáÉýΪSYSTEM»òÖÎÀíԱȨÏÞ¡£¡£¡£

l  CVE-2024-30049£ºWindows Win32 Kernel SubsystemÌØȨÌáÉýÎó²î

Windows Win32 ÄÚºË×ÓϵͳÖб£´æUse-After-FreeÎó²î£¬£¬£¬£¬£¬ÀÖ³ÉʹÓÿɻñµÃSYSTEMȨÏÞ¡£¡£¡£

l  CVE-2024-30050£ºWindows Mark of the Web Çå¾²¹¦Ð§ÈƹýÎó²î

ÍþвÕß¿ÉÒÔÖÆ×÷¶ñÒâÎļþ²¢ÓÕµ¼Ä¿µÄÓû§ÏÂÔز¢·­¿ª¸ÃÎļþÀ´Ê¹ÓøÃÎó²î£¬£¬£¬£¬£¬´Ó¶ø¿ÉÄÜÌÓ±ÜWeb ±ê¼Ç (MOTW) ·ÀÓù£¬£¬£¬£¬£¬µ¼ÖÂÇå¾²¹¦Ð§£¨ÀýÈçÒÀÀµ MOTW ±ê¼ÇµÄ Microsoft Office ÖеÄÊܱ £» £»£» £»£»£»£»¤ÊÓͼ£©Èƹý¡£¡£¡£

΢Èí5Ô¸üÐÂÉæ¼°µÄÍêÕûÎó²îÁбíÈçÏ£º

CVE ID

CVE ÎÊÌâ

ÑÏÖØÐÔ

CVE-2024-30044

Microsoft SharePoint Server Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-30045

.NET & Visual Studio Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30053

Azure Migrate ¿çÕ¾¾ç±¾Îó²î

¸ßΣ

CVE-2024-30041

Microsoft Bing Search ÓÕÆ­Îó²î

¸ßΣ

CVE-2024-30007

Microsoft Brokering File System ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30048

Dynamics 365 Customer Insights ÓÕÆ­Îó²î

¸ßΣ

CVE-2024-30047

Dynamics 365 Customer Insights ÓÕÆ­Îó²î

¸ßΣ

CVE-2024-30059

Microsoft Intune for Android Mobile Application Management ¸Ä¶¯Îó²î

¸ßΣ

CVE-2024-30042

Microsoft Excel Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30043

Microsoft SharePoint Server ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-30006

Microsoft WDAC OLE DB provider for SQL Server Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-29994

Microsoft Windows SCSI Class System File ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30033

Windows Search Service ȨÏÞÌáÉýÎó²î

¸ßΣ

CVE-2024-30054

Microsoft Power BI Client JavaScript SDK ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-30046

Visual Studio ¾Ü¾øЧÀÍÎó²î

¸ßΣ

CVE-2024-32004

GitHub£ºCVE-2024-32004 ¿Ë¡ÌØÖÆÍâµØ´æ´¢¿âʱԶ³Ì´úÂëÖ´ÐÐ

¸ßΣ

CVE-2024-32002

CVE-2024-32002 Ö§³Ö·ûºÅÁ´½ÓµÄ²»Çø·Ö¾ÞϸдµÄÎļþϵͳÉϵĵݹé¿Ë¡ÈÝÒ×Êܵ½Ô¶³Ì´úÂëÖ´ÐÐ

¸ßΣ

CVE-2024-30034

Windows Cloud Files Mini Filter Driver ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-30031

Windows CNG Key Isolation Service ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-29996

Windows Common Log File System Driver ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30037

Windows Common Log File System Driver ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30025

Windows Common Log File System Driver ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30020

Windows Cryptographic Services Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30016

Windows Cryptographic Services ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-30036

Windows Deployment Services ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-30019

DHCP Server Service ¾Ü¾øЧÀÍÎó²î

¸ßΣ

CVE-2024-30008

Windows DWM Core Library ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-30051

Windows DWM Core Library ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30035

Windows DWM Core Library ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30032

Windows DWM Core Library ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30011

Windows Hyper-V ¾Ü¾øЧÀÍÎó²î

¸ßΣ

CVE-2024-30017

Windows Hyper-V Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30010

Windows Hyper-V Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30018

Windows ÄÚºËÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30002

Windows Mobile Broadband Driver Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-29997

Windows Mobile Broadband Driver Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30003

Windows Mobile Broadband Driver Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30012

Windows Mobile Broadband Driver Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-29999

Windows Mobile Broadband Driver Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-29998

Windows Mobile Broadband Driver Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30000

Windows Mobile Broadband Driver Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30005

Windows Mobile Broadband Driver Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30004

Windows Mobile Broadband Driver Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30021

Windows Mobile Broadband Driver Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30001

Windows Mobile Broadband Driver Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30040

Windows MSHTML Platform Çå¾²¹¦Ð§ÈƹýÎó²î

¸ßΣ

CVE-2024-30027

NTFS ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30039

Windows Remote Access Connection Manager ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-30009

Windows Routing and Remote Access Service (RRAS) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30024

Windows Routing and Remote Access Service (RRAS) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30015

Windows Routing and Remote Access Service (RRAS) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30029

Windows Routing and Remote Access Service (RRAS) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30023

Windows Routing and Remote Access Service (RRAS) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30014

Windows Routing and Remote Access Service (RRAS) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-30022

Windows Routing and Remote Access Service (RRAS) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-26238

Microsoft PLUGScheduler Scheduled Task ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30030

Win32k ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30038

Win32k ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30049

Windows Win32 Kernel Subsystem ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30028

Win32k ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-30050

Windows Mark of the Web Çå¾²¹¦Ð§ÈƹýÎó²î

ÖÐΣ

CVE-2024-30055

Microsoft Edge£¨»ùÓÚ Chromium£©ÓÕÆ­Îó²î

µÍΣ

CVE-2024-4558

Chromium£ºCVE-2024-4558 ÔÚ ANGLE ÖÐ Use-after-free

δ֪

CVE-2024-4331

Chromium£ºCVE-2024-4331 ÔÚ»­Öл­ÖÐ Use-after-free

δ֪

CVE-2024-4671

Chromium£ºCVE-2024-4671 ÔÚVisuals ÖÐ Use-after-free

δ֪

CVE-2024-4368

Chromium£ºCVE-2024-4368 ÔÚ Dawn ÖÐ Use-after-free

δ֪

CVE-2024-4559

Chromium£ºCVE-2024-4559 WebAudio ÖеĶѻº³åÇøÒç³ö

δ֪

 

¶þ¡¢Ó°Ïì¹æÄ£

ÊÜÓ°ÏìµÄ²úÆ·/¹¦Ð§/ЧÀÍ/×é¼þ°üÀ¨£º

Windows Task Scheduler

Microsoft Windows SCSI Class System File

Windows Common Log File System Driver

Windows Mobile Broadband

Microsoft WDAC OLE DB provider for SQL

Microsoft Brokering File System

Windows DWM Core Library

Windows Routing and Remote Access Service (RRAS)

Windows Hyper-V

Windows Cryptographic Services

Windows Kernel

Windows DHCP Server

Windows NTFS

Windows Win32K - ICOMP

Windows Win32K - GRFX

Windows CNG Key Isolation Service

Microsoft Windows Search Component

Windows Cloud Files Mini Filter Driver

Windows Deployment Services

Windows Remote Access Connection Manager

Windows MSHTML Platform

Microsoft Bing

Microsoft Office Excel

Microsoft Office SharePoint

.NET and Visual Studio

Visual Studio

Microsoft Dynamics 365 Customer Insights

Windows Mark of the Web (MOTW)

Azure Migrate

Power BI

Microsoft Edge (Chromium-based)

Microsoft Intune

 

 

Èý¡¢Çå¾²²½·¥

3.1 Éý¼¶°æ±¾

ÏÖÔÚ΢ÈíÒÑÐû²¼Ïà¹ØÇå¾²¸üУ¬£¬£¬£¬£¬½¨ÒéÊÜÓ°ÏìµÄÓû§¾¡¿ìÐÞ¸´¡£¡£¡£

£¨Ò»£© Windows Update×Ô¶¯¸üÐÂ

Microsoft UpdateĬÈÏÆôÓ㬣¬£¬£¬£¬µ±ÏµÍ³¼ì²âµ½¿ÉÓøüÐÂʱ£¬£¬£¬£¬£¬½«»á×Ô¶¯ÏÂÔظüв¢ÔÚÏÂÒ»´ÎÆô¶¯Ê±×°Öᣡ£¡£Ò²¿ÉÑ¡Ôñͨ¹ýÒÔÏ°취ÊÖ¶¯¾ÙÐиüУº

1¡¢µã»÷¡°×îÏȲ˵¥¡±»ò°´Windows¿ì½Ý¼ü£¬£¬£¬£¬£¬µã»÷½øÈë¡°ÉèÖá±

2¡¢Ñ¡Ôñ¡°¸üкÍÇå¾²¡±£¬£¬£¬£¬£¬½øÈë¡°Windows¸üС±£¨Windows 8¡¢Windows 8.1¡¢Windows Server 2012ÒÔ¼°Windows Server 2012 R2¿Éͨ¹ý¿ØÖÆÃæ°å½øÈë¡°Windows¸üС±£¬£¬£¬£¬£¬Ïêϸ°ì·¨Îª¡°¿ØÖÆÃæ°å¡±->¡°ÏµÍ³ºÍÇå¾²¡±->¡°Windows¸üС±£©

3¡¢Ñ¡Ôñ¡°¼ì²é¸üС±£¬£¬£¬£¬£¬ÆÚ´ýϵͳ×Ô¶¯¼ì²é²¢ÏÂÔØ¿ÉÓøüС£¡£¡£

4¡¢¸üÐÂÍê³ÉºóÖØÆôÅÌËã»ú£¬£¬£¬£¬£¬¿Éͨ¹ý½øÈë¡°Windows¸üС±->¡°Éó²é¸üÐÂÀúÊ·¼Í¼¡±Éó²éÊÇ·ñÀÖ³É×°ÖÃÁ˸üС£¡£¡£¹ØÓÚûÓÐÀÖ³É×°ÖõĸüУ¬£¬£¬£¬£¬¿ÉÒÔµã»÷¸Ã¸üÐÂÃû³Æ½øÈë΢Èí¹Ù·½¸üÐÂÐÎòÁ´½Ó£¬£¬£¬£¬£¬µã»÷×îеÄSSUÃû³Æ²¢ÔÚÐÂÁ´½ÓÖеã»÷¡°Microsoft ¸üÐÂĿ¼¡±£¬£¬£¬£¬£¬È»ºóÔÚÐÂÁ´½ÓÖÐÑ¡ÔñÊÊÓÃÓÚÄ¿µÄϵͳµÄ²¹¶¡¾ÙÐÐÏÂÔز¢×°Öᣡ£¡£

£¨¶þ£© ÊÖ¶¯×°ÖøüÐÂ

Microsoft¹Ù·½ÏÂÔØÏìÓ¦²¹¶¡¾ÙÐиüС£¡£¡£

2024Äê5ÔÂÇå¾²¸üÐÂÏÂÔØÁ´½Ó£º

https://msrc.microsoft.com/update-guide/releaseNote/2024-May

²¹¶¡ÏÂÔØʾÀý£¨²Î¿¼£©£º

1.·­¿ªÉÏÊöÏÂÔØÁ´½Ó£¬£¬£¬£¬£¬µã»÷Îó²îÁбíÖÐÒªÐÞ¸´µÄCVEÁ´½Ó¡£¡£¡£

image.png

Àý1£ºÎ¢ÈíÎó²îÁÐ±í£¨Ê¾Àý£©

2.ÔÚ΢Èíͨ¸æÒ³Ãæµ×²¿×ó²à¡¾²úÆ·¡¿Ñ¡ÔñÏìÓ¦µÄϵͳÀàÐÍ£¬£¬£¬£¬£¬µã»÷ÓҲࡾÏÂÔØ¡¿´¦·­¿ª²¹¶¡ÏÂÔØÁ´½Ó¡£¡£¡£

image.png

Àý2£ºCVE-2022-21989²¹¶¡ÏÂÔØʾÀý

3.µã»÷¡¾Çå¾²¸üС¿£¬£¬£¬£¬£¬·­¿ª²¹¶¡ÏÂÔØÒ³Ã棬£¬£¬£¬£¬ÏÂÔØÏìÓ¦²¹¶¡²¢¾ÙÐÐ×°Öᣡ£¡£

image.png

Àý3£º²¹¶¡ÏÂÔؽçÃæ

4.×°ÖÃÍê³ÉºóÖØÆôÅÌËã»ú¡£¡£¡£

3.2 ÔÝʱ²½·¥

ÔÝÎÞ¡£¡£¡£

3.3 ͨÓý¨Òé

l  °´ÆÚ¸üÐÂϵͳ²¹¶¡£¬£¬£¬£¬£¬ïÔ̭ϵͳÎó²î£¬£¬£¬£¬£¬ÌáÉýЧÀÍÆ÷µÄÇå¾²ÐÔ¡£¡£¡£

l  ÔöǿϵͳºÍÍøÂçµÄ»á¼û¿ØÖÆ£¬£¬£¬£¬£¬Ð޸ķÀ»ðǽսÂÔ£¬£¬£¬£¬£¬¹Ø±Õ·ÇÐëÒªµÄÓ¦Óö˿ڻòЧÀÍ£¬£¬£¬£¬£¬ïÔÌ­½«Î£ÏÕЧÀÍ£¨ÈçSSH¡¢RDPµÈ£©Ì»Â¶µ½¹«Íø£¬£¬£¬£¬£¬ïÔÌ­¹¥»÷Ãæ¡£¡£¡£

l  ʹÓÃÆóÒµ¼¶Çå¾²²úÆ·£¬£¬£¬£¬£¬ÌáÉýÆóÒµµÄÍøÂçÇå¾²ÐÔÄÜ¡£¡£¡£

l  ÔöǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬£¬£¬£¬£¬ÆôÓöàÒòËØÈÏÖ¤»úÖƺÍ×îСȨÏÞÔ­Ôò£¬£¬£¬£¬£¬Óû§ºÍÈí¼þȨÏÞÓ¦¼á³ÖÔÚ×îµÍÏ޶ȡ£¡£¡£

l  ÆôÓÃÇ¿ÃÜÂëÕ½ÂÔ²¢ÉèÖÃΪ°´ÆÚÐ޸ġ£¡£¡£

3.4 ²Î¿¼Á´½Ó

https://msrc.microsoft.com/update-guide/releaseNote/2024-May

https://www.bleepingcomputer.com/news/microsoft/microsoft-may-2024-patch-tuesday-fixes-3-zero-days-61-flaws/

https://securelist.com/cve-2024-30051/112618/

 

ËÄ¡¢°æ±¾ÐÅÏ¢

°æ±¾

ÈÕÆÚ

±¸×¢

V1.0

2024-05-15

Ê×´ÎÐû²¼

 

 

Îå¡¢¸½Â¼

5.1 ¼øºÚµ£±£Íø¼ò½é

¼øºÚµ£±£Íø½¨ÉèÓÚ1996Ä꣬£¬£¬£¬£¬ÊÇÓÉÁôÃÀ²©Ê¿ÑÏÍû¼ÑŮʿ½¨ÉèµÄ¡¢ÓµÓÐÍêÈ«×ÔÖ÷֪ʶ²úȨµÄÐÅÏ¢Çå¾²¸ß¿Æ¼¼ÆóÒµ¡£¡£¡£ÊǺ£ÄÚ×î¾ßʵÁ¦µÄÐÅÏ¢Çå¾²²úÆ·¡¢Ç徲ЧÀͽâ¾ö¼Æ»®µÄÁ캽ÆóÒµÖ®Ò»¡£¡£¡£

¹«Ë¾×ܲ¿Î»ÓÚ±±¾©ÊÐÖйشåÈí¼þÔ°¼øºÚµ£±£Íø´óÏ㬣¬£¬£¬£¬¹«Ë¾Ô±¹¤6000ÓàÈË£¬£¬£¬£¬£¬Ñз¢ÍŶÓ1200ÓàÈË, ÊÖÒÕЧÀÍÍŶÓ1300ÓàÈË¡£¡£¡£ÔÚÌìϸ÷Ê¡¡¢ÊС¢×ÔÖÎÇøÉèÁ¢·ÖÖ§»ú¹¹ÁùÊ®¶à¸ö£¬£¬£¬£¬£¬ÓµÓÐÁýÕÖÌìϵÄÏúÊÛϵͳ¡¢ÇþµÀϵͳºÍÊÖÒÕÖ§³Öϵͳ¡£¡£¡£¹«Ë¾ÓÚ2010Äê6ÔÂ23ÈÕÔÚÉîÛÚÖÐС°å¹ÒÅÆÉÏÊС£¡£¡££¨¹ÉƱ´úÂ룺002439£©

¶àÄêÀ´£¬£¬£¬£¬£¬¼øºÚµ£±£ÍøÖÂÁ¦ÓÚÌṩ¾ßÓйú¼Ê¾ºÕùÁ¦µÄ×ÔÖ÷Á¢ÒìµÄÇå¾²²úÆ·ºÍ×î¼Ñʵ¼ùЧÀÍ£¬£¬£¬£¬£¬×ÊÖú¿Í»§ÖÜÈ«ÌáÉýÆäIT»ù´¡ÉèÊ©µÄÇå¾²ÐÔºÍÉú²úЧÄÜ£¬£¬£¬£¬£¬Îª´òÔìºÍÌáÉý¹ú¼Ê»¯µÄÃñ×åÐÅÏ¢Çå¾²¹¤ÒµÁì¾üÆ·Åƶø²»Ð¸Æ𾢡£¡£¡£

5.2 ¹ØÓÚ¼øºÚµ£±£Íø

¼øºÚµ£±£ÍøÇå¾²Ó¦¼±ÏìÓ¦ÖÐÐÄÒÑÐû²¼1000¶à¸öÎó²îͨ¸æºÍΣº¦Ô¤¾¯£¬£¬£¬£¬£¬ÎÒÃǽ«Ò»Á¬¸ú×ÙÈ«Çò×îеÄÍøÂçÇå¾²ÊÂÎñºÍÎó²î£¬£¬£¬£¬£¬ÎªÆóÒµµÄÐÅÏ¢Çå¾²±£¼Ý»¤º½¡£¡£¡£

¹Ø×¢ÎÒÃÇ£º

image.png