软萌小仙自慰喷白浆,日韩av一区,二区,三区,日日夜夜精品视频,日日夜夜精品视频 ,欧美性色黄大片手机版,三级在线看中文字幕完整版

關(guān)于我們

質(zhì)量為本、客戶為根、勇于拼搏、務(wù)實(shí)創(chuàng)新

< 返回

【安全通告】“微軟補(bǔ)丁日” 多個(gè)產(chǎn)品高危漏洞風(fēng)險(xiǎn)通告

發(fā)布時(shí)間:2023-02-20 11:32:17

尊敬的棉花云用戶,您好!

       互聯(lián)網(wǎng)安全運(yùn)營(yíng)中心監(jiān)測(cè)到, 微軟發(fā)布了2023年2月的例行安全更新公告,共涉及漏洞數(shù)75個(gè),嚴(yán)重漏洞9個(gè)。本次發(fā)布涉及 Microsoft Protected Extensible Authentication Protocol (PEAP) 、Windows iSCSI Discovery Service、Microsoft Office 和 Office 組件、微軟 SQL Server、Microsoft Graphics Component、.NET 核心、.NET框架和 Visual Studio 等產(chǎn)品和相關(guān)組件的安全更新。


為避免您的業(yè)務(wù)受影響,棉花云安全建議您及時(shí)開展安全自查,如在受影響范圍,請(qǐng)您及時(shí)進(jìn)行更新修復(fù),避免被外部攻擊者入侵。


漏洞詳情

在此次公告中以下漏洞微軟用戶可重點(diǎn)關(guān)注:


Microsoft Protected Extensible Authentication Protocol (PEAP)遠(yuǎn)程代碼執(zhí)行漏洞(CVE-2023-21692、CVE-2023-21690、CVE-2023-21689):

該漏洞CVSSv3評(píng)分9.8。其中 CVE-2023-21690 和 CVE-2023-21692 是通過發(fā)送特制的PEAP惡意數(shù)據(jù)包進(jìn)行的利用,而 CVE-2023-21689 通過網(wǎng)絡(luò)調(diào)用在服務(wù)器上執(zhí)行任意代碼。該漏洞被官方標(biāo)記為被利用可能性較大。


Windows iSCSI Discovery Service遠(yuǎn)程代碼執(zhí)行漏洞(CVE-2023-21803):

該漏洞CVSSv3評(píng)分9.8。該漏洞通過向運(yùn)行 iSCSI Discovery Service 的 Windows 主機(jī)發(fā)送惡意的 DHCP 發(fā)現(xiàn)請(qǐng)求來利用此漏洞,成功利用可導(dǎo)致攻擊者遠(yuǎn)程執(zhí)行代碼。該漏洞僅影響 32 位版本的Windows,并且僅在 iSCSI Initiator 客戶端應(yīng)用程序正在運(yùn)行時(shí)才能利用此漏洞。在默認(rèn)情況下 iSCSI Initiator 客戶端應(yīng)用程序不被啟用。


Microsoft Exchange Server 遠(yuǎn)程代碼執(zhí)行漏洞(CVE-2023-21529、CVE-2023-21706、CVE-2023-21707):

該漏洞CVSSv3評(píng)分8.8。該漏洞允許任何有權(quán)限訪問 Exchange PowerShell 后端的用戶執(zhí)行任意代碼,從而接管 Exchange 服務(wù)器。該漏洞被官方標(biāo)記為利用可能性極大。


Windows Common Log File System Driver 特權(quán)提升漏洞(CVE-2023-23376):

該漏洞CVSSv3評(píng)分7.8。低權(quán)限攻擊者可利用該漏洞在目標(biāo)系統(tǒng)獲取 SYSTEM 權(quán)限。目前該漏洞被官方標(biāo)記為已發(fā)現(xiàn)在野利用。


風(fēng)險(xiǎn)等級(jí)

高風(fēng)險(xiǎn)


漏洞風(fēng)險(xiǎn)

攻擊者利用該漏洞可導(dǎo)致遠(yuǎn)程代碼執(zhí)行等危害


影響版本

CVE-2023-21692、CVE-2023-21690、CVE-2023-21689:

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems


CVE-2023-21803:

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for 32-bit Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 1809 for 32-bit Systems



CVE-2023-21529、CVE-2023-21706、CVE-2023-21707:

Microsoft Exchange Server 2016 Cumulative Update 23

Microsoft Exchange Server 2013 Cumulative Update 23

Microsoft Exchange Server 2019 Cumulative Update 11

Microsoft Exchange Server 2019 Cumulative Update 12


CVE-2023-23376:

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2016 (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows 10 Version 22H2 for 32-bit Systems

Windows 10 Version 22H2 for ARM64-based Systems

Windows 10 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for x64-based Systems

Windows 11 Version 22H2 for ARM64-based Systems

Windows 10 Version 21H2 for x64-based Systems

Windows 10 Version 21H2 for ARM64-based Systems

Windows 10 Version 21H2 for 32-bit Systems

Windows 11 version 21H2 for ARM64-based Systems

Windows 11 version 21H2 for x64-based Systems

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows Server 2019 (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems


安全版本

微軟2023年2月最新補(bǔ)丁


修復(fù)建議

官方已發(fā)布漏洞補(bǔ)丁及修復(fù)版本,請(qǐng)?jiān)u估業(yè)務(wù)是否受影響后,酌情升級(jí)至安全版本


【備注】:建議您在升級(jí)前做好數(shù)據(jù)備份工作,避免出現(xiàn)意外


漏洞參考

https://msrc.microsoft.com/update-guide/releaseNote/2023-Feb 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21692 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21690 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21689 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21803 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21529 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21706 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-21707 

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2023-23376 


棉花云


/template/Home/Cloud/PC/Static

立即注冊(cè)棉花云賬號(hào),開啟您的輕松上云之旅

立即注冊(cè)