国产精品亚洲YOURPORN,日韩欧美一区二区三区不学,欧美大鸡巴性爱网站,91精品视频成人网



  • <noscript id="4bm7e"><optgroup id="4bm7e"><div id="4bm7e"></div></optgroup></noscript>
    <i id="4bm7e"></i>
    1. 

      




      
    
      
        
        
      
        
      今天是 
      
        
      今日新發(fā)布通知公告0條   |   
			   上傳規(guī)范

      
        
      
    
      
    
    

      


      
    
    
    
      
        
      
            
      2024年5月網(wǎng)絡(luò)安全風(fēng)險提示
      
        
        
      
        
        
      
  發(fā)布日期:2024-05-23
        
      
        
        
      
        
      【漏洞信息】
       

        微軟公司近日發(fā)布了2024年5月份安全更新公告,包含了Windows DWM 核心庫、Windows MSHTML、Windows Common Log File System Driver和Microsoft SharePoint Server等微軟家族多個軟件的安全更新補(bǔ)丁。利用上述漏洞,攻擊者可進(jìn)行欺騙,繞過安全功能限制,獲取敏感信息,提升權(quán)限,執(zhí)行遠(yuǎn)程代碼,或發(fā)起拒絕服務(wù)攻擊等。我中心提醒全校師生用戶盡快下載補(bǔ)丁更新,避免引發(fā)漏洞相關(guān)的網(wǎng)絡(luò)安全事件。
       

        根據(jù)公告,此次更新中修復(fù)的Windows DWM 核心庫特權(quán)提升漏洞(CVE-2024-30051)、Windows MSHTML平臺安全功能繞過漏洞(CVE-2024-30040)、Windows Common Log File System Driver特權(quán)提升漏洞(CVE-2024-30025)、Windows DWM 核心庫特權(quán)提升漏洞(CVE-2024-30032)、Windows DWM核心庫特權(quán)提升漏洞(CVE-2024-30035)、Windows Common Log File System Driver特權(quán)提升漏洞(CVE-2024-30037)和Microsoft SharePoint Server遠(yuǎn)程代碼執(zhí)行漏洞(CVE-2024-30044)風(fēng)險較大。建議盡快安裝安全更新補(bǔ)丁或采取臨時緩解措施加固系統(tǒng)。
       

       
       

       
  
  
       
   
      CVE編號
      		 
   
      漏洞名稱
      		 
   
      危害等級
      		 
   
      漏洞處置等級
      		 
  
       
  
       
   
      CVE-2024-30051
      		 
   
      Windows DWM 核心庫特權(quán)提升漏洞
      		 
   
      高危
      		 
   
      2級
      		 
  
       
  
       
   
      CVE-2024-30040
      		 
   
      Windows MSHTML平臺安全功能繞過漏洞
      		 
   
      高危
      		 
   
      2級
      		 
  
       
  
       
   
      CVE-2024-30025
      		 
   
      Windows Common Log File System Driver特權(quán)提升漏洞
      		 
   
      高危
      		 
   
      2級
      		 
  
       
  
       
   
      CVE-2024-30032
      		 
   
      Windows DWM 核心庫特權(quán)提升漏洞
      		 
   
      高危
      		 
   
      2級
      		 
  
       
  
       
   
      CVE-2024-30035
      		 
   
      Windows DWM核心庫特權(quán)提升漏洞
      		 
   
      高危
      		 
   
      2級
      		 
  
       
  
       
   
      CVE-2024-30037
      		 
   
      Windows Common Log File System Driver特權(quán)提升漏洞
      		 
   
      高危
      		 
   
      2級
      		 
  
       
  
       
   
      CVE-2024-30044
      		 
   
      Microsoft SharePoint Server遠(yuǎn)程代碼執(zhí)行漏洞
      		 
   
      高危
      		 
   
      2級
      		 
  
       
        

       

       
       

      【重點關(guān)注漏洞】
       

        1Windows DWM核心庫特權(quán)提升漏洞(CVE-2024-30051
       

       
  
  
       
   
      漏洞類型
      		 
   
      權(quán)限提升
      		 
   
      CVSS3.1評分
      		 
   
      7.8
      		 
  
       
  
       
   
      POC情況
      		 
   
      已發(fā)現(xiàn)
      		 
   
      EXP情況
      		 
   
      已發(fā)現(xiàn)
      		 
  
       
  
       
   
      在野利用情況
      		 
   
      已發(fā)現(xiàn)
      		 
   
      研究情況
      		 
   
      已發(fā)現(xiàn)
      		 
  
       
  
       
   
      影響主體
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      Windows 10 for 32-bit Systems
      Windows 10 for x64-based Systems
      Windows 10 Version 1607 for 32-bit Systems
      Windows 10 Version 1607 for x64-based Systems
      Windows 10 Version 1809 for 32-bit Systems
      Windows 10 Version 1809 for ARM64-based Systems
      Windows 10 Version 1809 for x64-based Systems
      Windows 10 Version 21H2 for 32-bit Systems
      Windows 10 Version 21H2 for ARM64-based Systems
      Windows 10 Version 21H2 for x64-based Systems
      Windows 10 Version 22H2 for 32-bit Systems
      Windows 10 Version 22H2 for ARM64-based Systems
      Windows 10 Version 22H2 for x64-based Systems
      Windows 11 version 21H2 for ARM64-based Systems
      Windows 11 version 21H2 for x64-based Systems
      Windows 11 Version 22H2 for ARM64-based Systems
      Windows 11 Version 22H2 for x64-based Systems
      Windows 11 Version 23H2 for ARM64-based Systems
      Windows 11 Version 23H2 for x64-based Systems
      Windows Server 2016
      Windows Server 2016 (Server Core installation)
      Windows Server 2019
      Windows Server 2019 (Server Core installation)
      Windows Server 2022
      Windows Server 2022 (Server Core installation)
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      CVSS向量
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      訪問途徑(AV
      		 
   
      本地
      		 
   
      攻擊復(fù)雜度(AC
      		 
   
      		 
  
       
  
       
   
      所需權(quán)限(PR
      		 
   
      		 
   
      用戶交互(UI
      		 
   
      不需要用戶交互
      		 
  
       
  
       
   
      影響范圍(S
      		 
   
      不變
      		 
   
      機(jī)密性影響(C
      		 
   
      		 
  
       
  
       
   
      完整性影響(I
      		 
   
      		 
   
      可用性影響(A
      		 
   
      		 
  
       
  
       
   
      		 
   
      		 
   
      		 
   
      		 
  
       
        

       

        2、Windows MSHTML平臺安全功能繞過漏洞(CVE-2024-30040
       

       
  
  
       
   
      漏洞類型
      		 
   
      安全特性繞過
      		 
   
      CVSS3.1評分
      		 
   
      8.8
      		 
  
       
  
       
   
      POC情況
      		 
   
      未發(fā)現(xiàn)
      		 
   
      EXP情況
      		 
   
      未發(fā)現(xiàn)
      		 
  
       
  
       
   
      在野利用情況
      		 
   
      已發(fā)現(xiàn)
      		 
   
      研究情況
      		 
   
      分析中
      		 
  
       
  
       
   
      影響版本
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      Windows 10 for 32-bit Systems
      Windows 10 for x64-based Systems
      Windows 10 Version 1607 for 32-bit Systems
      Windows 10 Version 1607 for x64-based Systems
      Windows 10 Version 1809 for 32-bit Systems
      Windows 10 Version 1809 for ARM64-based Systems
      Windows 10 Version 1809 for x64-based Systems
      Windows 10 Version 21H2 for 32-bit Systems
      Windows 10 Version 21H2 for ARM64-based Systems
      Windows 10 Version 21H2 for x64-based Systems
      Windows 10 Version 22H2 for 32-bit Systems
      Windows 10 Version 22H2 for ARM64-based Systems
      Windows 10 Version 22H2 for x64-based Systems
      Windows 11 version 21H2 for ARM64-based Systems
      Windows 11 version 21H2 for x64-based Systems
      Windows 11 Version 22H2 for ARM64-based Systems
      Windows 11 Version 22H2 for x64-based Systems
      Windows 11 Version 23H2 for ARM64-based Systems
      Windows 11 Version 23H2 for x64-based Systems
      Windows Server 2016
      Windows Server 2016 (Server Core installation)
      Windows Server 2019
      Windows Server 2019 (Server Core installation)
      Windows Server 2022
      Windows Server 2022 (Server Core installation)
      Windows Server 2022, 23H2 Edition (Server Core installation)
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      CVSS向量
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      訪問途徑(AV
      		 
   
      網(wǎng)絡(luò)
      		 
   
      攻擊復(fù)雜度(AC
      		 
   
      		 
  
       
  
       
   
      所需權(quán)限(PR
      		 
   
      無需任何權(quán)限
      		 
   
      用戶交互(UI
      		 
   
      需要用戶交互
      		 
  
       
  
       
   
      影響范圍(S
      		 
   
      不變
      		 
   
      機(jī)密性影響(C
      		 
   
      		 
  
       
  
       
   
      完整性影響(I
      		 
   
      		 
   
      可用性影響(A
      		 
   
      		 
  
       
  
       
   
      		 
   
      		 
   
      		 
   
      		 
  
       
        

       

        3Windows Common Log File System Driver特權(quán)提升漏洞(CVE-2024-30025)
       

       
  
  
       
   
      漏洞類型
      		 
   
      權(quán)限提升
      		 
   
      CVSS3.1評分
      		 
   
      7.8
      		 
  
       
  
       
   
      POC情況
      		 
   
      未發(fā)現(xiàn)
      		 
   
      EXP情況
      		 
   
      未發(fā)現(xiàn)
      		 
  
       
  
       
   
      在野利用情況
      		 
   
      未發(fā)現(xiàn)
      		 
   
      研究情況
      		 
   
      分析中
      		 
  
       
  
       
   
      影響版本
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      Windows 10 for 32-bit Systems
      Windows 10 for x64-based Systems
      Windows 10 Version 1607 for 32-bit Systems
      Windows 10 Version 1607 for x64-based Systems
      Windows 10 Version 1809 for 32-bit Systems
      Windows 10 Version 1809 for ARM64-based Systems
      Windows 10 Version 1809 for x64-based Systems
      Windows 10 Version 21H2 for 32-bit Systems
      Windows 10 Version 21H2 for ARM64-based Systems
      Windows 10 Version 21H2 for x64-based Systems
      Windows 10 Version 22H2 for 32-bit Systems
      Windows 10 Version 22H2 for ARM64-based Systems
      Windows 10 Version 22H2 for x64-based Systems
      Windows 11 version 21H2 for ARM64-based Systems
      Windows 11 version 21H2 for x64-based Systems
      Windows 11 Version 22H2 for ARM64-based Systems
      Windows 11 Version 22H2 for x64-based Systems
      Windows 11 Version 23H2 for ARM64-based Systems
      Windows 11 Version 23H2 for x64-based Systems
      Windows Server 2008 for 32-bit Systems Service Pack 2
      Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
      Windows Server 2008 for x64-based Systems Service Pack 2
      Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
      Windows Server 2008 R2 for x64-based Systems Service Pack 1
      Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
      Windows Server 2012
      Windows Server 2012 (Server Core installation)
      Windows Server 2012 R2
      Windows Server 2012 R2 (Server Core installation)
      Windows Server 2016
      Windows Server 2016 (Server Core installation)
      Windows Server 2019
      Windows Server 2019 (Server Core installation)
      Windows Server 2022
      Windows Server 2022 (Server Core installation)
      Windows Server 2022, 23H2 Edition (Server Core installation)
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      CVSS向量
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      訪問途徑(AV
      		 
   
      本地
      		 
   
      攻擊復(fù)雜度(AC
      		 
   
      		 
  
       
  
       
   
      所需權(quán)限(PR
      		 
   
      		 
   
      用戶交互(UI
      		 
   
      不需要用戶交互
      		 
  
       
  
       
   
      影響范圍(S
      		 
   
      不變
      		 
   
      機(jī)密性影響(C
      		 
   
      		 
  
       
  
       
   
      完整性影響(I
      		 
   
      		 
   
      可用性影響(A
      		 
   
      		 
  
       
  
       
   
      		 
   
      		 
   
      		 
   
      		 
  
       
        

       

        4、Windows DWM 核心庫特權(quán)提升漏洞(CVE-2024-30032
       

       
  
  
       
   
      漏洞類型
      		 
   
      權(quán)限提升
      		 
   
      CVSS3.1評分
      		 
   
      7.8
      		 
  
       
  
       
   
      POC情況
      		 
   
      未發(fā)現(xiàn)
      		 
   
      EXP情況
      		 
   
      未發(fā)現(xiàn)
      		 
  
       
  
       
   
      在野利用情況
      		 
   
      未發(fā)現(xiàn)
      		 
   
      研究情況
      		 
   
      分析中
      		 
  
       
  
       
   
      影響版本
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      Windows 10 for 32-bit Systems
      Windows 10 for x64-based Systems
      Windows 10 Version 1607 for 32-bit Systems
      Windows 10 Version 1607 for x64-based Systems
      Windows 10 Version 1809 for 32-bit Systems
      Windows 10 Version 1809 for ARM64-based Systems
      Windows 10 Version 1809 for x64-based Systems
      Windows 10 Version 21H2 for 32-bit Systems
      Windows 10 Version 21H2 for ARM64-based Systems
      Windows 10 Version 21H2 for x64-based Systems
      Windows 10 Version 22H2 for 32-bit Systems
      Windows 10 Version 22H2 for ARM64-based Systems
      Windows 10 Version 22H2 for x64-based Systems
      Windows 11 version 21H2 for ARM64-based Systems
      Windows 11 version 21H2 for x64-based Systems
      Windows 11 Version 22H2 for ARM64-based Systems
      Windows 11 Version 22H2 for x64-based Systems
      Windows 11 Version 23H2 for ARM64-based Systems
      Windows 11 Version 23H2 for x64-based Systems
      Windows Server 2016
      Windows Server 2016 (Server Core installation)
      Windows Server 2019
      Windows Server 2019 (Server Core installation)
      Windows Server 2022
      Windows Server 2022 (Server Core installation)
      Windows Server 2022, 23H2 Edition (Server Core installation)
      CVSS向量
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      訪問途徑(AV
      		 
   
      本地
      		 
   
      攻擊復(fù)雜度(AC
      		 
   
      		 
  
       
  
       
   
      所需權(quán)限(PR
      		 
   
      		 
   
      用戶交互(UI
      		 
   
      不需要用戶交互
      		 
  
       
  
       
   
      影響范圍(S
      		 
   
      不變
      		 
   
      機(jī)密性影響(C
      		 
   
      		 
  
       
  
       
   
      完整性影響(I
      		 
   
      		 
   
      可用性影響(A
      		 
   
      		 
  
       
  
       
   
      		 
   
      		 
   
      		 
   
      		 
  
       
        

       

        5Windows DWM 核心庫特權(quán)提升漏洞(CVE-2024-30035
       

       
  
  
       
   
      漏洞類型
      		 
   
      權(quán)限提升
      		 
   
      CVSS3.1評分
      		 
   
      7.8
      		 
  
       
  
       
   
      POC情況
      		 
   
      未發(fā)現(xiàn)
      		 
   
      EXP情況
      		 
   
      未發(fā)現(xiàn)
      		 
  
       
  
       
   
      在野利用情況
      		 
   
      未發(fā)現(xiàn)
      		 
   
      研究情況
      		 
   
      分析中
      		 
  
       
  
       
   
      影響版本
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      Windows 10 Version 1809 for 32-bit Systems
      Windows 10 Version 1809 for ARM64-based Systems
      Windows 10 Version 1809 for x64-based Systems
      Windows 10 Version 21H2 for 32-bit Systems
      Windows 10 Version 21H2 for ARM64-based Systems
      Windows 10 Version 21H2 for x64-based Systems
      Windows 10 Version 22H2 for 32-bit Systems
      Windows 10 Version 22H2 for ARM64-based Systems
      Windows 10 Version 22H2 for x64-based Systems
      Windows 11 version 21H2 for ARM64-based Systems
      Windows 11 version 21H2 for x64-based Systems
      Windows 11 Version 22H2 for ARM64-based Systems
      Windows 11 Version 22H2 for x64-based Systems
      Windows 11 Version 23H2 for ARM64-based Systems
      Windows 11 Version 23H2 for x64-based Systems
      Windows Server 2019
      Windows Server 2019 (Server Core installation)
      Windows Server 2022
      Windows Server 2022 (Server Core installation)
      Windows Server 2022, 23H2 Edition (Server Core installation)
      CVSS向量
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      訪問途徑(AV
      		 
   
      本地
      		 
   
      攻擊復(fù)雜度(AC
      		 
   
      		 
  
       
  
       
   
      所需權(quán)限(PR
      		 
   
      		 
   
      用戶交互(UI
      		 
   
      不需要用戶交互
      		 
  
       
  
       
   
      影響范圍(S
      		 
   
      不變
      		 
   
      機(jī)密性影響(C
      		 
   
      		 
  
       
  
       
   
      完整性影響(I
      		 
   
      		 
   
      可用性影響(A
      		 
   
      		 
  
       
  
       
   
      		 
   
      		 
   
      		 
   
      		 
  
       
        

       

        6、Windows Common Log File System Driver特權(quán)提升漏洞(CVE-2024-30037
       

       
  
  
       
   
      漏洞類型
      		 
   
      權(quán)限提升
      		 
   
      CVSS3.1評分
      		 
   
      7.8
      		 
  
       
  
       
   
      POC情況
      		 
   
      未發(fā)現(xiàn)
      		 
   
      EXP情況
      		 
   
      未發(fā)現(xiàn)
      		 
  
       
  
       
   
      在野利用情況
      		 
   
      未發(fā)現(xiàn)
      		 
   
      研究情況
      		 
   
      分析中
      		 
  
       
  
       
   
      影響版本
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      Windows 10 for 32-bit Systems
      Windows 10 for x64-based Systems
      Windows 10 Version 1607 for 32-bit Systems
      Windows 10 Version 1607 for x64-based Systems
      Windows 10 Version 1809 for 32-bit Systems
      Windows 10 Version 1809 for ARM64-based Systems
      Windows 10 Version 1809 for x64-based Systems
      Windows 10 Version 21H2 for 32-bit Systems
      Windows 10 Version 21H2 for ARM64-based Systems
      Windows 10 Version 21H2 for x64-based Systems
      Windows 10 Version 22H2 for 32-bit Systems
      Windows 10 Version 22H2 for ARM64-based Systems
      Windows 10 Version 22H2 for x64-based Systems
      Windows 11 version 21H2 for ARM64-based Systems
      Windows 11 version 21H2 for x64-based Systems
      Windows 11 Version 22H2 for ARM64-based Systems
      Windows 11 Version 22H2 for x64-based Systems
      Windows 11 Version 23H2 for ARM64-based Systems
      Windows 11 Version 23H2 for x64-based Systems
      Windows Server 2008 for 32-bit Systems Service Pack 2
      Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
      Windows Server 2008 for x64-based Systems Service Pack 2
      Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
      Windows Server 2008 R2 for x64-based Systems Service Pack 1
      Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
      Windows Server 2012
      Windows Server 2012 (Server Core installation)
      Windows Server 2012 R2
      Windows Server 2012 R2 (Server Core installation)
      Windows Server 2016
      Windows Server 2016 (Server Core installation)
      Windows Server 2019
      Windows Server 2019 (Server Core installation)
      Windows Server 2022
      Windows Server 2022 (Server Core installation)
      Windows Server 2022, 23H2 Edition (Server Core installation)
      CVSS向量
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      訪問途徑(AV
      		 
   
      本地
      		 
   
      攻擊復(fù)雜度(AC
      		 
   
      		 
  
       
  
       
   
      所需權(quán)限(PR
      		 
   
      		 
   
      用戶交互(UI
      		 
   
      不需要用戶交互
      		 
  
       
  
       
   
      影響范圍(S
      		 
   
      不變
      		 
   
      機(jī)密性影響(C
      		 
   
      		 
  
       
  
       
   
      完整性影響(I
      		 
   
      		 
   
      可用性影響(A
      		 
   
      		 
  
       
  
       
   
      		 
   
      		 
   
      		 
   
      		 
  
       
        

       

        7、Microsoft SharePoint Server遠(yuǎn)程代碼執(zhí)行漏洞(CVE-2024-30044)
       

       
  
  
       
   
      漏洞類型
      		 
   
      遠(yuǎn)程代碼執(zhí)行
      		 
   
      CVSS3.1評分
      		 
   
      7.8
      		 
  
       
  
       
   
      POC情況
      		 
   
      未發(fā)現(xiàn)
      		 
   
      EXP情況
      		 
   
      未發(fā)現(xiàn)
      		 
  
       
  
       
   
      在野利用情況
      		 
   
      未發(fā)現(xiàn)
      		 
   
      研究情況
      		 
   
      分析中
      		 
  
       
  
       
   
      影響版本
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      Microsoft SharePoint Enterprise Server 2016
      Microsoft SharePoint Server 2019
      Microsoft SharePoint Server Subscription Edition
      CVSS向量
      		 
   
      		 
   
      		 
   
      		 
  
       
  
       
   
      訪問途徑(AV
      		 
   
      網(wǎng)絡(luò)
      		 
   
      攻擊復(fù)雜度(AC
      		 
   
      		 
  
       
  
       
   
      所需權(quán)限(PR
      		 
   
      		 
   
      用戶交互(UI
      		 
   
      不需要用戶交互
      		 
  
       
  
       
   
      影響范圍(S
      		 
   
      不變
      		 
   
      機(jī)密性影響(C
      		 
   
      		 
  
       
  
       
   
      完整性影響(I
      		 
   
      		 
   
      可用性影響(A
      		 
   
      		 
  
       
        

       

      【修復(fù)方案】
       

        官方修復(fù)方案:
       

        目前微軟針對支持的產(chǎn)品已發(fā)布升級補(bǔ)丁修復(fù)了上述漏洞,請用戶參考官方通告及時下載更新補(bǔ)丁。補(bǔ)丁獲?。?a  rel="nofollow">https://msrc.microsoft.com/update-guide/vulnerability
        Windows 更新:
       

        自動更新:Microsoft Update默認(rèn)啟用,當(dāng)系統(tǒng)檢測到可用更新時,將會自動下載更新并在下一次啟動時安裝。
       

        手動更新:
       

        1、點擊“開始菜單”或按Windows快捷鍵,點擊進(jìn)入“設(shè)置”。
       

        2、選擇“更新和安全”,進(jìn)入“Windows更新”(Windows 8、Windows 8.1、Windows Server 2012以及Windows Server 2012 R2可通過控制面板進(jìn)入“Windows更新”,具體步驟為“控制面板”->“系統(tǒng)和安全”->“Windows更新”)。
       

        3、選擇“檢查更新”,等待系統(tǒng)將自動檢查并下載可用更新。
       

        4、重啟計算機(jī),安裝更新系統(tǒng)重新啟動后,可通過進(jìn)入“Windows更新”->“查看更新歷史記錄”查看是否成功安裝了更新。
       


       

      【參考資料】
       

        https://msrc.microsoft.com/update-guide/releaseNote/2024-May
       


       

      網(wǎng)絡(luò)信息技術(shù)中心
       

      2024年5月23日