[Security Risk Advisory] High-Severity Vulnerabilities in Multiple Microsoft Products

  • Last updated: April 15, 2020

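[wm_blue]This month, Microsoft released patches for 113 vulnerabilities. Among them, 18 remote code execution vulnerabilities in Adobe Font Manager Library, Microsoft Graphics Components, Windows Hyper-V, SharePoint, Media Foundation, Microsoft Windows Codecs Library, Dynamics Business Central, and script engines such as VBScript and Chakra were rated Critical by Microsoft. After analysis, the following 15 vulnerabilities are assessed as having the greatest impact (CVE-2020-0938, CVE-2020-1020, CVE-2020-0968, CVE-2020-0687, CVE-2020-0907, CVE-2020-0910, CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, CVE-2020-0974, CVE-2020-0948, CVE-2020-0949, CVE-2020-0950, CVE-2020-0965, CVE-2020-1022). The two Adobe Font Manager Library remote code execution vulnerabilities have been found exploited in the wild; one of them (CVE-2020-0938) was reported by the Qi An Xin (奇安信) Codesafe team. In addition, the scripting engine memory corruption vulnerability CVE-2020-0968 is marked by Microsoft as "Exploitation More Likely". Given the severity of these vulnerabilities, customers are advised to install the update patches as soon as possible.[/wm_blue]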

[wm_blue]Vulnerability Description[/wm_blue]

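This month, Microsoft released patches for 113 vulnerabilities. Qi An Xin CERT analyzed them; the vulnerabilities with the greatest impact are described below: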

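Adobe Font Manager Library Remote Code Execution Vulnerabilities

Windows Adobe Type Manager Library contains two remote code execution vulnerabilities (CVE-2020-0938, CVE-2020-1020) in its handling of specially crafted multi-master fonts in the Adobe Type 1 PostScript format. An attacker can exploit them by sending a user a specially crafted file and convincing the user to open it or view it in the Preview Pane. A remote attacker who successfully exploits them can execute arbitrary code on the target system (other than Windows 10). On Windows 10, successful exploitation only allows the attacker to execute code in an AppContainer sandbox context with limited privileges and capabilities. In-the-wild exploitation has already been observed.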

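CVE-2020-0968 Scripting Engine Memory Corruption Vulnerability

The IE scripting engine contains a remote code execution vulnerability in the way it handles objects in memory. An attacker can exploit it by luring a user to a specially crafted website, or by convincing the user to open an application or Microsoft Office document that embeds an ActiveX control marked "safe for initialization". A remote attacker who successfully exploits it can execute arbitrary code on the target system with that user's privileges. Microsoft has marked it as "Exploitation More Likely".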

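CVE-2020-0687 Microsoft Graphics Remote Code Execution Vulnerability

The Windows font library contains a remote code execution vulnerability in its handling of specially crafted fonts. An attacker can exploit it by building a specially crafted site and luring a user to visit it, or by sending a user a specially crafted file and convincing the user to open it. A remote attacker who successfully exploits it can execute arbitrary code on the target system with that user's privileges.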

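CVE-2020-0907 Microsoft Graphics Components Remote Code Execution Vulnerability

Microsoft Graphics Components contains a remote code execution vulnerability in the way it handles objects in memory. An attacker can exploit it by convincing a user to open a specially crafted file. A remote attacker who successfully exploits it can execute arbitrary code on the target system.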

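CVE-2020-0910 Microsoft Hyper-V Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. An attacker can exploit it by running a specially crafted program on the guest operating system. An attacker who successfully exploits it can execute arbitrary code on the Hyper-V host operating system.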

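Microsoft SharePoint Remote Code Execution Vulnerabilities

Microsoft SharePoint contains four remote code execution vulnerabilities (CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, CVE-2020-0974) in the way it checks the source markup of an application package. An attacker can exploit them by uploading a specially crafted SharePoint application package to an affected SharePoint server. An attacker who successfully exploits them can execute arbitrary code in the context of the SharePoint application pool and the SharePoint server account.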

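Media Foundation Remote Code Execution Vulnerabilities

Windows Media Foundation contains three remote code execution vulnerabilities (CVE-2020-0948, CVE-2020-0949, CVE-2020-0950) in the way it handles objects in memory. An attacker can exploit them by building a specially crafted site and luring a user to visit it, or by sending a user a specially crafted file and convincing the user to open it. A remote attacker who successfully exploits them can execute arbitrary code on the target system with that user's privileges.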

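CVE-2020-0965 Windows Codecs Library Remote Code Execution Vulnerability

Windows Codecs Library contains a remote code execution vulnerability in the way it handles objects in memory. Exploitation requires a program to process a specially crafted image file prepared by the attacker. A remote attacker who successfully exploits it can execute arbitrary code on the target system.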

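CVE-2020-1022 Dynamics Business Central Remote Code Execution Vulnerability

Microsoft Dynamics Business Central contains a remote code execution vulnerability. A remote attacker who successfully exploits it can execute arbitrary shell commands on the target system. An authenticated attacker can exploit it by convincing a user to connect to a malicious Dynamics Business Central client, or by elevating to system privileges to execute code.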

[wm_blue]Risk Level[/wm_blue]

Risk rating: High

Risk level: Blue (general event)

[wm_blue]Affected Scope[/wm_blue]

[wm_red]CVE ID
Affected versions
CVE-2020-0938
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
CVE-2020-0907
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
CVE-2020-0910
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
CVE-2020-0931
Microsoft Business Productivity Servers 2010 Service Pack 2
Microsoft SharePoint Enterprise Server 2013 Service Pack 1
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Server 2019
CVE-2020-0932
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Server 2019
CVE-2020-0974
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Server 2019
CVE-2020-0948
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
CVE-2020-0949
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
CVE-2020-0950
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)

CVE-2020-0965
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
CVE-2020-1022
Dynamics 365 Business Central 2019 Release Wave 2 (On-Premise)
Dynamics 365 Business Central 2019 Spring Update
Microsoft Dynamics 365 BC On Premise
Microsoft Dynamics NAV 2013
Microsoft Dynamics NAV 2015
Microsoft Dynamics NAV 2016
Microsoft Dynamics NAV 2017
Microsoft Dynamics NAV 2018[/wm_red]

[wm_blue]Remediation Recommendations[/wm_blue]

Refer to the following links and apply the fixes as soon as possible:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0938

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1020

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0968

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0687

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0907

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0910

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0929

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0931

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0932

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0974

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0948

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0949

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0950

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0965

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1022
