¡¾Îó²îͨ¸æ¡¿Î¢Èí12Ô¶à¸öÇå¾²Îó²î

Ðû²¼Ê±¼ä 2024-12-11


Ò»¡¢Îó²î¸ÅÊö

2024Äê12ÔÂ11ÈÕ£¬£¬£¬£¬£¬¼øºÚµ£±£Íø¼¯ÍÅVSRC¼à²âµ½Î¢ÈíÐû²¼ÁË12ÔÂÇå¾²¸üУ¬£¬£¬£¬£¬±¾´Î¸üй²ÐÞ¸´ÁË71¸öÎó²î£¨²»°üÀ¨Ö®Ç°ÐÞ¸´µÄEdgeÎó²î£©£¬£¬£¬£¬£¬Îó²îÀàÐÍ°üÀ¨ÌØȨÌáÉýÎó²î¡¢Ô¶³Ì´úÂëÖ´ÐÐÎó²î¡¢ÐÅϢй¶Îó²î¡¢¾Ü¾øЧÀÍÎó²îºÍÓÕÆ­Îó²îµÈ¡£¡£¡£

±¾´ÎÇå¾²¸üÐÂÖÐÐÞ¸´ÁË1¸öÒѾ­¹ûÕæÅû¶ÇÒÒÑ·¢Ã÷±»Æð¾¢Ê¹ÓõÄ0 dayÎó²î£º

CVE-2024-49138£ºWindows Common Log File System DriverÌØȨÌáÉýÎó²î

Windows ͨÓÃÈÕÖ¾ÎļþϵͳÇý¶¯³ÌÐòÖб£´æ»ùÓڶѵĻº³åÇøÒç³öÎó²î£¬£¬£¬£¬£¬ÆäCVSSÆÀ·ÖΪ7.8£¬£¬£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²îµÄ¿É»ñµÃSYSTEM ȨÏÞ¡£¡£¡£ÏÖÔÚ¸ÃÎó²îÒѾ­¹ûÕæÅû¶ÇÒÒÑ·¢Ã÷±»Ê¹Óᣡ£¡£

±¾´ÎÇå¾²¸üÐÂÖÐÐÞ¸´µÄ16¸öÑÏÖØÎó²îΪ£º

CVE-2024-49117£ºWindows Hyper-V Ô¶³Ì´úÂëÖ´ÐÐÎó²î

Windows Hyper-V±£´æÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ8.8£¬£¬£¬£¬£¬guestÐéÄâ»úÉϾ­ÓÉÉí·ÝÑéÖ¤µÄ¹¥»÷Õß¿ÉÏòÐéÄâ»úÉϵÄÓ²¼þ×ÊÔ´·¢ËÍÌØÖƵÄÎļþ²Ù×÷ÇëÇ󣬣¬£¬£¬£¬ÀÖ³ÉʹÓÿÉÄܵ¼ÖÂÔÚÖ÷»úЧÀÍÆ÷ÉÏÔ¶³ÌÖ´ÐдúÂë¡£¡£¡£

CVE-2024-49124£ºLightweight Directory Access Protocol (LDAP) Client Ô¶³Ì´úÂëÖ´ÐÐÎó²î

Lightweight Directory Access Protocol (LDAP) Clien±£´æ¾ºÕùÌõ¼þÎó²î£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ8.1£¬£¬£¬£¬£¬Î´¾­Éí·ÝÑéÖ¤µÄ¹¥»÷Õß¿ÉÒÔÏò±£´æÎó²îµÄЧÀÍÆ÷·¢ËÍÌØÖÆÇëÇ󣬣¬£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²î¿Éµ¼Ö¹¥»÷ÕߵĴúÂëÔÚ SYSTEM ÕÊ»§ÉÏÏÂÎÄÖÐÔËÐС£¡£¡£

CVE-2024-49112£ºWindows Lightweight Directory Access Protocol (LDAP) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

Windows ÇáÁ¿¼¶Ä¿Â¼»á¼ûЭÒé (LDAP)±£´æUse-After-FreeÎó²î£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ8.1£¬£¬£¬£¬£¬Î´¾­Éí·ÝÑéÖ¤µÄ¹¥»÷Õß¿ÉÒÔÏò±£´æÎó²îµÄЧÀÍÆ÷·¢ËÍÌØÖÆÇëÇ󣬣¬£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²î¿Éµ¼Ö¹¥»÷ÕߵĴúÂëÔÚ SYSTEM ÕÊ»§ÉÏÏÂÎÄÖÐÔËÐС£¡£¡£

CVE-2024-49127£ºWindows Lightweight Directory Access Protocol (LDAP) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

Windows ÇáÁ¿¼¶Ä¿Â¼»á¼ûЭÒé (LDAP)±£´æÕûÊýÒç³ö»òΧÈÆÎó²î£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ9.8£¬£¬£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²îµÄδ¾­Éí·ÝÑéÖ¤µÄ¹¥»÷Õß¿ÉÒÔͨ¹ýÒ»×éÌØÖÆµÄ LDAP ŲÓÃÀ´»ñÈ¡´úÂëÖ´ÐÐȨÏÞ£¬£¬£¬£¬£¬´Ó¶øÔÚ LDAP ЧÀ͵ÄÉÏÏÂÎÄÖÐÖ´ÐÐí§Òâ´úÂë¡£¡£¡£

CVE-2024-49126£ºWindows Local Security Authority Subsystem Service Ô¶³Ì´úÂëÖ´ÐÐÎó²î

Windows ÍâµØÇå¾²»ú¹¹×ÓϵͳЧÀÍ (LSASS)±£´æÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ8.1£¬£¬£¬£¬£¬¹¥»÷Õß¿ÉÒÔͨ¹ýÍøÂçŲÓÃÔÚЧÀÍÆ÷ÕÊ»§ÉÏÏÂÎÄÖд¥·¢¶ñÒâ´úÂ룬£¬£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²î¿ÉÄܵ¼ÖÂÔ¶³Ì´úÂëÖ´ÐУ¬£¬£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²îÐèÒª¹¥»÷ÕßÓ®µÃ¾ºÕùÌõ¼þ¡£¡£¡£

CVE-2024-49118£ºMicrosoft Message Queuing (MSMQ) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

Microsoft ÐÂÎÅÐÐÁÐ (MSMQ)±£´æUse-After-FreeÎó²î£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ8.1£¬£¬£¬£¬£¬¹¥»÷Õß¿Éͨ¹ýÏò MSMQ ЧÀÍÆ÷·¢ËÍÌØÖƵĶñÒâMSMQ Êý¾Ý°ü£¬£¬£¬£¬£¬¿ÉÄܵ¼ÖÂЧÀÍÆ÷¶ËÔ¶³Ì´úÂëÖ´ÐС£¡£¡£¸ÃÎó²îµÄ¹¥»÷ÖØƯºó½Ï¸ß£¬£¬£¬£¬£¬¿ÉÄÜÐèÒª¹¥»÷ÕßÓ®µÃ¾ºÕùÌõ¼þ¡£¡£¡£

CVE-2024-49122£ºMicrosoft Message Queuing (MSMQ) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

Microsoft ÐÂÎÅÐÐÁÐ (MSMQ)±£´æUse-After-FreeÎó²î£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ8.1£¬£¬£¬£¬£¬¹¥»÷Õß¿Éͨ¹ýÏòMSMQЧÀÍÆ÷·¢ËÍÌØÖƵĶñÒâMSMQ Êý¾Ý°üʹÓøÃÎó²î£¬£¬£¬£¬£¬¿ÉÄܵ¼ÖÂÔÚЧÀÍÆ÷¶ËÔ¶³ÌÖ´ÐдúÂë¡£¡£¡£ÀÖ³ÉʹÓøÃÎó²îÐèÒª¹¥»÷ÕßÓ®µÃ¾ºÕùÌõ¼þ£¬£¬£¬£¬£¬Î¢ÈíµÄ¿ÉʹÓÃÐÔÆÀ¹ÀΪ ¡°±»Ê¹ÓõĿÉÄÜÐԽϸߡ±¡£¡£¡£

CVE-2024-49132/ CVE-2024-49115/ CVE-2024-49116/ CVE-2024-49123/ CVE-2024-49128/ CVE-2024-49106/ CVE-2024-49108£ºWindows Remote Desktop Services Ô¶³Ì´úÂëÖ´ÐÐÎó²î

Windows Ô¶³Ì×ÀÃæЧÀͱ£´æUse-After-FreeÎó²î»òÃô¸ÐÊý¾Ý´æ´¢ÔÚδ׼ȷËø¶¨µÄÄÚ´æÖУ¬£¬£¬£¬£¬¿ÉÄܵ¼ÖÂÔ¶³Ì´úÂëÖ´ÐУ¬£¬£¬£¬£¬ÕâЩÎó²îµÄCVSSÆÀ·Ö¾ùΪ8.1£¬£¬£¬£¬£¬¹¥»÷Õß¿ÉÒÔͨ¹ýÅþÁ¬µ½ÔËÐÐÔ¶³Ì×ÀÃæÍø¹Ø½ÇÉ«µÄÄ¿µÄϵͳ£¬£¬£¬£¬£¬Ê¹ÓþºÕùÌõ¼þ£¬£¬£¬£¬£¬´¥·¢Use-After-FreeÎó²î£¬£¬£¬£¬£¬ÀÖ³ÉʹÓÃÕâЩÎó²îµÄ¹¥»÷Õß¿ÉÒÔÔÚÄ¿µÄϵͳÉÏÖ´ÐÐí§Òâ´úÂ룬£¬£¬£¬£¬µ«ÐèÒª¹¥»÷ÕßÓ®µÃ¾ºÕùÌõ¼þ¡£¡£¡£

CVE-2024-49119£ºWindows Remote Desktop Services Ô¶³Ì´úÂëÖ´ÐÐÎó²î

Windows Ô¶³Ì×ÀÃæЧÀͱ£´æÀàÐÍ»ìÏýÎó²î£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ8.1£¬£¬£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²îµÄ¹¥»÷Õß¿ÉÒÔÔÚÄ¿µÄϵͳÉÏÖ´ÐÐí§Òâ´úÂ룬£¬£¬£¬£¬µ«ÐèÒª¹¥»÷ÕßÓ®µÃ¾ºÕùÌõ¼þ¡£¡£¡£

CVE-2024-49120£ºWindows Remote Desktop Services Ô¶³Ì´úÂëÖ´ÐÐÎó²î

Windows Ô¶³Ì×ÀÃæЧÀͱ£´æ²»Çå¾²µÄĬÈϱäÁ¿³õʼ»¯ÎÊÌ⣬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ8.1£¬£¬£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²îµÄ¹¥»÷Õß¿ÉÒÔÔÚÄ¿µÄϵͳÉÏÖ´ÐÐí§Òâ´úÂ룬£¬£¬£¬£¬µ«ÐèÒª¹¥»÷ÕßÓ®µÃ¾ºÕùÌõ¼þ¡£¡£¡£

³ýCVE-2024-49122Í⣬£¬£¬£¬£¬Î¢ÈíµÄ¿ÉʹÓÃÐÔÆÀ¹ÀÖÐÆäËû ¡°±»Ê¹ÓõĿÉÄÜÐԽϸߡ±µÄÎó²î»¹°üÀ¨£º

CVE-2024-49070£ºMicrosoft SharePoint Ô¶³Ì´úÂëÖ´ÐÐÎó²î

Microsoft SharePoint±£´æ·´ÐòÁл¯Îó²î£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ7.4£¬£¬£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²î¿ÉÄܵ¼ÖÂÍâµØí§Òâ´úÂëÖ´ÐС£¡£¡£

CVE-2024-49088£ºWindows Common Log File System DriverÌØȨÌáÉýÎó²î

Windows ͨÓÃÈÕÖ¾ÎļþϵͳÇý¶¯³ÌÐò±£´æȨÏÞÌáÉýÎó²î£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ7.8£¬£¬£¬£¬£¬¹¥»÷Õß¿ÉʹÓøÃÎó²î»ñµÃ SYSTEM ȨÏÞ¡£¡£¡£

CVE-2024-49090£ºWindows Common Log File System DriverÌØȨÌáÉýÎó²î

Windows ͨÓÃÈÕÖ¾ÎļþϵͳÇý¶¯³ÌÐò±£´æȨÏÞÌáÉýÎó²î£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ7.8£¬£¬£¬£¬£¬¹¥»÷Õß¿ÉʹÓøÃÎó²î»ñµÃ SYSTEM ȨÏÞ¡£¡£¡£

CVE-2024-49093£ºWindows µ¯ÐÔÎļþϵͳ (ReFS) ÌØȨÌáÉýÎó²î

Windows Resilient File System (ReFS)±£´æȨÏÞÌáÉýÎó²î£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ8.8£¬£¬£¬£¬£¬¹¥»÷Õß¿ÉʹÓøÃÎó²î»ñµÃ SYSTEM ȨÏÞ¡£¡£¡£

CVE-2024-49114£ºWindows Cloud Files Mini Filter Çý¶¯³ÌÐòÌØȨÌáÉýÎó²î

Windows Cloud Files Mini Filter Çý¶¯³ÌÐò±£´æȨÏÞÌáÉýÎó²î£¬£¬£¬£¬£¬¸ÃÎó²îµÄCVSSÆÀ·ÖΪ7.8£¬£¬£¬£¬£¬¹¥»÷Õß¿ÉʹÓøÃÎó²î»ñµÃ SYSTEM ȨÏÞ¡£¡£¡£

΢Èí12Ô¸üÐÂÐÞ¸´µÄÍêÕûÎó²îÁбíÈçÏ£º

CVE 񅧏

CVE ÎÊÌâ

ÑÏÖØÐÔ

CVE-2024-49117

Windows Hyper-V Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49124

Lightweight Directory Access Protocol (LDAP) Client Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49112

Windows Lightweight Directory Access Protocol (LDAP) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49127

Windows Lightweight Directory Access Protocol (LDAP) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49126

Windows Local Security Authority Subsystem Service Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49118

Microsoft Message Queuing (MSMQ) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49122

Microsoft Message Queuing (MSMQ) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49132

Windows Remote Desktop Services Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49115

Windows Remote Desktop Services Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49116

Windows Remote Desktop Services Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49123

Windows Remote Desktop Services Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49128

Windows Remote Desktop Services Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49106

Windows Remote Desktop Services Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49108

Windows Remote Desktop Services Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49119

Windows Remote Desktop Services Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49120

Windows Remote Desktop Services Ô¶³Ì´úÂëÖ´ÐÐÎó²î

ÑÏÖØ

CVE-2024-49063

Microsoft/Muzic Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-49057

Microsoft Defender for Endpoint on Android ÓÕÆ­Îó²î

¸ßΣ

CVE-2024-49059

Microsoft Office ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-43600

Microsoft Office ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49142

Microsoft Access Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-49069

Microsoft Excel Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-49079

Input Method Editor (IME) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-49064

Microsoft SharePoint ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-49062

Microsoft SharePoint ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-49068

Microsoft SharePoint ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49070

Microsoft SharePoint Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-49065

Microsoft Office Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-49091

Windows Domain Name Service Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-43594

System Center Operations Manager ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49114

Windows Cloud Files Mini Filter Driver ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49088

Windows Common Log File System Driver ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49138

Windows Common Log File System Driver ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49090

Windows Common Log File System Driver ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49082

Windows File Explorer ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-49080

Windows IP Routing Management Snapin Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-49084

Windows Kernel ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49074

Windows Kernel-Mode Driver ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49121

Windows Lightweight Directory Access Protocol (LDAP) ¾Ü¾øЧÀÍÎó²î

¸ßΣ

CVE-2024-49113

Windows Lightweight Directory Access Protocol (LDAP) ¾Ü¾øЧÀÍÎó²î

¸ßΣ

CVE-2024-49096

Microsoft Message Queuing (MSMQ) ¾Ü¾øЧÀÍÎó²î

¸ßΣ

CVE-2024-49073

Windows Mobile Broadband Driver ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49077

Windows Mobile Broadband Driver ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49083

Windows Mobile Broadband Driver ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49092

Windows Mobile Broadband Driver ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49087

Windows Mobile Broadband Driver ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-49110

Windows Mobile Broadband Driver ȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49078

Windows Mobile Broadband Driver ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49095

Windows PrintWorkflowUserSvc ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49097

Windows PrintWorkflowUserSvc ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49129

Windows Remote Desktop Gateway (RD Gateway) ¾Ü¾øЧÀÍÎó²î

¸ßΣ

CVE-2024-49075

Windows Remote Desktop Services ¾Ü¾øЧÀÍÎó²î

¸ßΣ

CVE-2024-49093

Windows Resilient File System (ReFS) ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49085

Windows Routing and Remote Access Service (RRAS) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-49086

Windows Routing and Remote Access Service (RRAS) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-49089

Windows Routing and Remote Access Service (RRAS) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-49125

Windows Routing and Remote Access Service (RRAS) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-49104

Windows Routing and Remote Access Service (RRAS) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-49102

Windows Routing and Remote Access Service (RRAS) Ô¶³Ì´úÂëÖ´ÐÐÎó²î

¸ßΣ

CVE-2024-49072

Windows Task Scheduler ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49076

Windows Virtualization-Based Security (VBS) Enclave ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49081

Wireless Wide Area Network Service (WwanSvc) Elevation ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49103

Windows Wireless Wide Area Network Service (WwanSvc) ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-49111

Wireless Wide Area Network Service (WwanSvc) ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49109

Wireless Wide Area Network Service (WwanSvc) ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49101

Wireless Wide Area Network Service (WwanSvc) ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49094

Wireless Wide Area Network Service (WwanSvc) ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49098

Windows Wireless Wide Area Network Service (WwanSvc) ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-49099

Windows Wireless Wide Area Network Service (WwanSvc) ÐÅϢй¶Îó²î

¸ßΣ

CVE-2024-49107

WmsRepair Service ÌØȨÌáÉýÎó²î

¸ßΣ

CVE-2024-49041

Microsoft Edge£¨»ùÓÚ Chromium£©ÓÕÆ­Îó²î

ÖÐΣ

ADV240002

Microsoft Office ×ÝÉî·ÀÓù¸üÐÂ

ÖÐΣ

CVE-2024-12053

Chromium£ºCVE-2024-12053 V8 ÖеÄÀàÐÍ»ìÏý

δ֪

 

¶þ¡¢Ó°Ïì¹æÄ£

ÊÜÓ°ÏìµÄ²úÆ·/¹¦Ð§/ЧÀÍ/×é¼þ°üÀ¨£º

System Center Operations Manager

Microsoft Office

Microsoft Edge (Chromium-based)

Microsoft Defender for Endpoint

Microsoft Office SharePoint

GitHub

Microsoft Office Word

Microsoft Office Excel

Windows Task Scheduler

Windows Mobile Broadband

Windows Kernel-Mode Drivers

Windows Remote Desktop Services

Windows Virtualization-Based Security (VBS) Enclave

Microsoft Office Publisher

Windows IP Routing Management Snapin

Windows Wireless Wide Area Network Service

Windows File Explorer

Windows Kernel

Windows Routing and Remote Access Service (RRAS)

Windows Common Log File System Driver

Role: DNS Server

Windows Resilient File System (ReFS)

Windows PrintWorkflowUserSvc

Windows Message Queuing

Remote Desktop Client

WmsRepair Service

Windows LDAP - Lightweight Directory Access Protocol

Windows Cloud Files Mini Filter Driver

Role: Windows Hyper-V

Windows Local Security Authority Subsystem Service (LSASS)

Windows Remote Desktop

Microsoft Office Access

 

Èý¡¢Çå¾²²½·¥

3.1 Éý¼¶°æ±¾

ÏÖÔÚ΢ÈíÒÑÐû²¼Ïà¹ØÇå¾²¸üУ¬£¬£¬£¬£¬½¨ÒéÊÜÓ°ÏìµÄÓû§¾¡¿ìÐÞ¸´¡£¡£¡£

£¨Ò»£© Windows Update×Ô¶¯¸üÐÂ

Microsoft UpdateĬÈÏÆôÓ㬣¬£¬£¬£¬µ±ÏµÍ³¼ì²âµ½¿ÉÓøüÐÂʱ£¬£¬£¬£¬£¬½«»á×Ô¶¯ÏÂÔظüв¢ÔÚÏÂÒ»´ÎÆô¶¯Ê±×°Öᣡ£¡£Ò²¿ÉÑ¡Ôñͨ¹ýÒÔÏ°취ÊÖ¶¯¾ÙÐиüУº

1¡¢µã»÷¡°×îÏȲ˵¥¡±»ò°´Windows¿ì½Ý¼ü£¬£¬£¬£¬£¬µã»÷½øÈë¡°ÉèÖá±

2¡¢Ñ¡Ôñ¡°¸üкÍÇå¾²¡±£¬£¬£¬£¬£¬½øÈë¡°Windows¸üС±£¨Windows 8¡¢Windows 8.1¡¢Windows Server 2012ÒÔ¼°Windows Server 2012 R2¿Éͨ¹ý¿ØÖÆÃæ°å½øÈë¡°Windows¸üС±£¬£¬£¬£¬£¬Ïêϸ°ì·¨Îª¡°¿ØÖÆÃæ°å¡±->¡°ÏµÍ³ºÍÇå¾²¡±->¡°Windows¸üС±£©

3¡¢Ñ¡Ôñ¡°¼ì²é¸üС±£¬£¬£¬£¬£¬ÆÚ´ýϵͳ×Ô¶¯¼ì²é²¢ÏÂÔØ¿ÉÓøüС£¡£¡£

4¡¢¸üÐÂÍê³ÉºóÖØÆôÅÌËã»ú£¬£¬£¬£¬£¬¿Éͨ¹ý½øÈë¡°Windows¸üС±->¡°Éó²é¸üÐÂÀúÊ·¼Í¼¡±Éó²éÊÇ·ñÀÖ³É×°ÖÃÁ˸üС£¡£¡£¹ØÓÚûÓÐÀÖ³É×°ÖõĸüУ¬£¬£¬£¬£¬¿ÉÒÔµã»÷¸Ã¸üÐÂÃû³Æ½øÈë΢Èí¹Ù·½¸üÐÂÐÎòÁ´½Ó£¬£¬£¬£¬£¬µã»÷×îеÄSSUÃû³Æ²¢ÔÚÐÂÁ´½ÓÖеã»÷¡°Microsoft ¸üÐÂĿ¼¡±£¬£¬£¬£¬£¬È»ºóÔÚÐÂÁ´½ÓÖÐÑ¡ÔñÊÊÓÃÓÚÄ¿µÄϵͳµÄ²¹¶¡¾ÙÐÐÏÂÔز¢×°Öᣡ£¡£

£¨¶þ£© ÊÖ¶¯×°ÖøüÐÂ

Microsoft¹Ù·½ÏÂÔØÏìÓ¦²¹¶¡¾ÙÐиüС£¡£¡£

2024Äê12ÔÂÇå¾²¸üÐÂÏÂÔØÁ´½Ó£º

https://msrc.microsoft.com/update-guide/releaseNote/2024-Dec

²¹¶¡ÏÂÔØʾÀý£¨²Î¿¼£©£º

1.·­¿ªÉÏÊöÏÂÔØÁ´½Ó£¬£¬£¬£¬£¬µã»÷Îó²îÁбíÖÐÒªÐÞ¸´µÄCVEÁ´½Ó¡£¡£¡£

image.png 

Àý1£ºÎ¢ÈíÎó²îÁÐ±í£¨Ê¾Àý£©

2.ÔÚ΢Èíͨ¸æÒ³Ãæµ×²¿×ó²à¡¾²úÆ·¡¿ÁÐÑ¡ÔñÏìÓ¦µÄϵͳÀàÐÍ£¬£¬£¬£¬£¬µã»÷ÓҲࡾÏÂÔØ¡¿Áз­¿ª²¹¶¡ÏÂÔØÁ´½Ó¡£¡£¡£

image.png 

Àý2£ºCVE-2022-21989²¹¶¡ÏÂÔØʾÀý

3.µã»÷¡¾Çå¾²¸üС¿£¬£¬£¬£¬£¬·­¿ª²¹¶¡ÏÂÔØÒ³Ã棬£¬£¬£¬£¬ÏÂÔØÏìÓ¦²¹¶¡²¢¾ÙÐÐ×°Öᣡ£¡£

image.png 

Àý3£º²¹¶¡ÏÂÔؽçÃæ

4.×°ÖÃÍê³ÉºóÖØÆôÅÌËã»ú¡£¡£¡£

3.2 ÔÝʱ²½·¥

ÔÝÎÞ¡£¡£¡£

3.3 ͨÓý¨Òé

l°´ÆÚ¸üÐÂϵͳ²¹¶¡£¬£¬£¬£¬£¬ïÔ̭ϵͳÎó²î£¬£¬£¬£¬£¬ÌáÉýЧÀÍÆ÷µÄÇå¾²ÐÔ¡£¡£¡£

lÔöǿϵͳºÍÍøÂçµÄ»á¼û¿ØÖÆ£¬£¬£¬£¬£¬Ð޸ķÀ»ðǽսÂÔ£¬£¬£¬£¬£¬¹Ø±Õ·ÇÐëÒªµÄÓ¦Óö˿ڻòЧÀÍ£¬£¬£¬£¬£¬ïÔÌ­½«Î£ÏÕЧÀÍ£¨ÈçSSH¡¢RDPµÈ£©Ì»Â¶µ½¹«Íø£¬£¬£¬£¬£¬ïÔÌ­¹¥»÷Ãæ¡£¡£¡£

lʹÓÃÆóÒµ¼¶Çå¾²²úÆ·£¬£¬£¬£¬£¬ÌáÉýÆóÒµµÄÍøÂçÇå¾²ÐÔÄÜ¡£¡£¡£

lÔöǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬£¬£¬£¬£¬ÆôÓöàÒòËØÈÏÖ¤»úÖƺÍ×îСȨÏÞÔ­Ôò£¬£¬£¬£¬£¬Óû§ºÍÈí¼þȨÏÞÓ¦¼á³ÖÔÚ×îµÍÏ޶ȡ£¡£¡£

lÆôÓÃÇ¿ÃÜÂëÕ½ÂÔ²¢ÉèÖÃΪ°´ÆÚÐ޸ġ£¡£¡£

3.4 ²Î¿¼Á´½Ó

https://msrc.microsoft.com/update-guide/releaseNote/2024-Dec

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-49138

 

ËÄ¡¢°æ±¾ÐÅÏ¢

°æ±¾

ÈÕÆÚ

±¸×¢

V1.0

2024-12-11

Ê×´ÎÐû²¼

 

 

Îå¡¢¸½Â¼

5.1 ¼øºÚµ£±£Íø¼ò½é

¼øºÚµ£±£Íø½¨ÉèÓÚ1996Ä꣬£¬£¬£¬£¬ÊÇÓÉÁôÃÀ²©Ê¿ÑÏÍû¼ÑŮʿ½¨ÉèµÄ¡¢ÓµÓÐÍêÈ«×ÔÖ÷֪ʶ²úȨµÄÐÅÏ¢Çå¾²¸ß¿Æ¼¼ÆóÒµ¡£¡£¡£ÊǺ£ÄÚ×î¾ßʵÁ¦µÄÐÅÏ¢Çå¾²²úÆ·¡¢Ç徲ЧÀͽâ¾ö¼Æ»®µÄÁ캽ÆóÒµÖ®Ò»¡£¡£¡£

¹«Ë¾×ܲ¿Î»ÓÚ±±¾©ÊÐÖйشåÈí¼þÔ°¼øºÚµ£±£Íø´óÏ㬣¬£¬£¬£¬¹«Ë¾Ô±¹¤6000ÓàÈË£¬£¬£¬£¬£¬Ñз¢ÍŶÓ1200ÓàÈË, ÊÖÒÕЧÀÍÍŶÓ1300ÓàÈË¡£¡£¡£ÔÚÌìϸ÷Ê¡¡¢ÊС¢×ÔÖÎÇøÉèÁ¢·ÖÖ§»ú¹¹ÁùÊ®¶à¸ö£¬£¬£¬£¬£¬ÓµÓÐÁýÕÖÌìϵÄÏúÊÛϵͳ¡¢ÇþµÀϵͳºÍÊÖÒÕÖ§³Öϵͳ¡£¡£¡£¹«Ë¾ÓÚ2010Äê6ÔÂ23ÈÕÔÚÉîÛÚÖÐС°å¹ÒÅÆÉÏÊС£¡£¡££¨¹ÉƱ´úÂ룺002439£©

¶àÄêÀ´£¬£¬£¬£¬£¬¼øºÚµ£±£ÍøÖÂÁ¦ÓÚÌṩ¾ßÓйú¼Ê¾ºÕùÁ¦µÄ×ÔÖ÷Á¢ÒìµÄÇå¾²²úÆ·ºÍ×î¼Ñʵ¼ùЧÀÍ£¬£¬£¬£¬£¬×ÊÖú¿Í»§ÖÜÈ«ÌáÉýÆäIT»ù´¡ÉèÊ©µÄÇå¾²ÐÔºÍÉú²úЧÄÜ£¬£¬£¬£¬£¬Îª´òÔìºÍÌáÉý¹ú¼Ê»¯µÄÃñ×åÐÅÏ¢Çå¾²¹¤ÒµÁì¾üÆ·Åƶø²»Ð¸Æ𾢡£¡£¡£

5.2 ¹ØÓÚ¼øºÚµ£±£Íø

¼øºÚµ£±£ÍøÇå¾²Ó¦¼±ÏìÓ¦ÖÐÐÄÒÑÐû²¼1000¶à¸öÎó²îͨ¸æºÍΣº¦Ô¤¾¯£¬£¬£¬£¬£¬ÎÒÃǽ«Ò»Á¬¸ú×ÙÈ«Çò×îеÄÍøÂçÇå¾²ÊÂÎñºÍÎó²î£¬£¬£¬£¬£¬ÎªÆóÒµµÄÐÅÏ¢Çå¾²±£¼Ý»¤º½¡£¡£¡£

¹Ø×¢ÎÒÃÇ£º

image.png