- 分类3000+
- 产品3000+
- 服务3000+
- 厂商3000+
- 用户3000+
- 数字化疑难问题大家一起去解决
教育数字化知识图谱
登录查询教育数字化知识信息
打开微信扫一扫
教育数字化知识图谱
打开微信扫一扫
近日,微软官方发布了多个安全漏洞的公告,本次漏洞公告共发布80个漏洞补丁。包括Microsoft Azure Site Recovery 安全漏洞(CNNVD-202402-1061、CVE-2024-21364)、Microsoft Azure Kubernetes 安全漏洞(CNNVD-202402-1050、CVE-2024-21376)等多个漏洞。成功利用上述漏洞的攻击者可以在目标系统上执行任意代码、获取用户数据,提升权限等。微软多个产品和系统受漏洞影响。目前,微软官方已经发布了漏洞修复补丁,建议用户及时确认是否受到漏洞影响,尽快采取修补措施。
一、 漏洞介绍
2024年2月13日,微软发布了2024年2月份安全更新,共80个漏洞的补丁程序,CNNVD对这些漏洞进行了收录。本次更新主要涵盖了Microsoft Windows 和 Windows 组件、Microsoft Azure Connected Machine Agent、Microsoft Hyper-V、Microsoft Azure、Microsoft Windows USB Serial Driver、Microsoft Exchange Server等。CNNVD对其危害等级进行了评价,其中超危漏洞8个,高危漏洞57个,中危漏洞15个。微软多个产品和系统版本受漏洞影响,具体影响范围可访问微软官方网站查询:
https://portal.msrc.microsoft.com/zh-cn/security-guidance
二、漏洞详情
此次更新共包括73个新增漏洞的补丁程序,其中超危漏洞6个,高危漏洞53个,中危漏洞14个。
|
序号 |
漏洞名称 |
CNNVD编号 |
CVE编号 |
危害等级 |
官方链接 |
|
1 |
Microsoft Azure Site Recovery 安全漏洞 |
CNNVD-202402-1061 |
CVE-2024-21364 |
超危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21364 |
|
2 |
Microsoft Azure Kubernetes 安全漏洞 |
CNNVD-202402-1050 |
CVE-2024-21376 |
超危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21376 |
|
3 |
Microsoft Azure Active Directory 安全漏洞 |
CNNVD-202402-1034 |
CVE-2024-21401 |
超危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21401 |
|
4 |
Microsoft Azure Kubernetes 安全漏洞 |
CNNVD-202402-1032 |
CVE-2024-21403 |
超危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21403 |
|
5 |
Microsoft Exchange Server 安全漏洞 |
CNNVD-202402-1030 |
CVE-2024-21410 |
超危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21410 |
|
6 |
Microsoft Outlook 安全漏洞 |
CNNVD-202402-1028 |
CVE-2024-21413 |
超危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413 |
|
7 |
Microsoft DNS Server 安全漏洞 |
CNNVD-202402-1127 |
CVE-2023-50387 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-50387 |
|
8 |
Microsoft Azure DevOps Server 安全漏洞 |
CNNVD-202402-1097 |
CVE-2024-20667 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20667 |
|
9 |
Microsoft Office 安全漏洞 |
CNNVD-202402-1096 |
CVE-2024-20673 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673 |
|
10 |
Microsoft Defender 安全漏洞 |
CNNVD-202402-1091 |
CVE-2024-21315 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21315 |
|
11 |
Microsoft Dynamics 365 安全漏洞 |
CNNVD-202402-1090 |
CVE-2024-21327 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21327 |
|
12 |
Microsoft Dynamics 安全漏洞 |
CNNVD-202402-1089 |
CVE-2024-21328 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21328 |
|
13 |
Microsoft Azure Connected Machine Agent 安全漏洞 |
CNNVD-202402-1088 |
CVE-2024-21329 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21329 |
|
14 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202402-1087 |
CVE-2024-21338 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21338 |
|
15 |
Microsoft DNS Server 安全漏洞 |
CNNVD-202402-1082 |
CVE-2024-21342 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21342 |
|
16 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202402-1080 |
CVE-2024-21345 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21345 |
|
17 |
Microsoft Windows Win32K 安全漏洞 |
CNNVD-202402-1078 |
CVE-2024-21346 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21346 |
|
18 |
Microsoft ODBC Driver 安全漏洞 |
CNNVD-202402-1079 |
CVE-2024-21347 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21347 |
|
19 |
Microsoft Windows Internet Connection Sharing (ICS) 安全漏洞 |
CNNVD-202402-1077 |
CVE-2024-21348 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21348 |
|
20 |
Microsoft ActiveX 安全漏洞 |
CNNVD-202402-1076 |
CVE-2024-21349 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21349 |
|
21 |
Microsoft OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1075 |
CVE-2024-21350 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21350 |
|
22 |
Microsoft Windows SmartScreen 安全漏洞 |
CNNVD-202402-1074 |
CVE-2024-21351 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21351 |
|
23 |
Microsoft OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1073 |
CVE-2024-21352 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21352 |
|
24 |
Microsoft WDAC ODBC Driver 安全漏洞 |
CNNVD-202402-1072 |
CVE-2024-21353 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21353 |
|
25 |
Microsoft Message Queuing 安全漏洞 |
CNNVD-202402-1071 |
CVE-2024-21354 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21354 |
|
26 |
Microsoft Message Queuing 安全漏洞 |
CNNVD-202402-1070 |
CVE-2024-21355 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21355 |
|
27 |
Microsoft Windows Internet Connection Sharing (ICS) 安全漏洞 |
CNNVD-202402-1067 |
CVE-2024-21357 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21357 |
|
28 |
Microsoft WDAC OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1068 |
CVE-2024-21358 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21358 |
|
29 |
Microsoft OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1066 |
CVE-2024-21359 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21359 |
|
30 |
Microsoft WDAC OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1065 |
CVE-2024-21360 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21360 |
|
31 |
Microsoft WDAC OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1064 |
CVE-2024-21361 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21361 |
|
32 |
Microsoft Message Queuing 安全漏洞 |
CNNVD-202402-1063 |
CVE-2024-21363 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21363 |
|
33 |
Microsoft WDAC OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1060 |
CVE-2024-21365 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21365 |
|
34 |
Microsoft WDAC OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1059 |
CVE-2024-21366 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21366 |
|
35 |
Microsoft WDAC OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1058 |
CVE-2024-21367 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21367 |
|
36 |
Microsoft WDAC OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1057 |
CVE-2024-21368 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21368 |
|
37 |
Microsoft WDAC OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1056 |
CVE-2024-21369 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21369 |
|
38 |
Microsoft WDAC OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1054 |
CVE-2024-21370 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21370 |
|
39 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202402-1055 |
CVE-2024-21371 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21371 |
|
40 |
Microsoft Windows OLE 安全漏洞 |
CNNVD-202402-1052 |
CVE-2024-21372 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21372 |
|
41 |
Microsoft WDAC OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1051 |
CVE-2024-21375 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21375 |
|
42 |
Microsoft Windows DNS 安全漏洞 |
CNNVD-202402-1049 |
CVE-2024-21377 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21377 |
|
43 |
Microsoft Outlook 安全漏洞 |
CNNVD-202402-1048 |
CVE-2024-21378 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21378 |
|
44 |
Microsoft Word 安全漏洞 |
CNNVD-202402-1047 |
CVE-2024-21379 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21379 |
|
45 |
Microsoft Dynamics 安全漏洞 |
CNNVD-202402-1046 |
CVE-2024-21380 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21380 |
|
46 |
Microsoft Office 安全漏洞 |
CNNVD-202402-1044 |
CVE-2024-21384 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21384 |
|
47 |
Microsoft .NET 安全漏洞 |
CNNVD-202402-1043 |
CVE-2024-21386 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21386 |
|
48 |
Microsoft Dynamics 安全漏洞 |
CNNVD-202402-1042 |
CVE-2024-21389 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21389 |
|
49 |
Microsoft WDAC OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1041 |
CVE-2024-21391 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21391 |
|
50 |
Microsoft Dynamics 安全漏洞 |
CNNVD-202402-1040 |
CVE-2024-21393 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21393 |
|
51 |
Microsoft Dynamics 安全漏洞 |
CNNVD-202402-1038 |
CVE-2024-21394 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21394 |
|
52 |
Microsoft Dynamics 安全漏洞 |
CNNVD-202402-1037 |
CVE-2024-21395 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21395 |
|
53 |
Microsoft Dynamics 安全漏洞 |
CNNVD-202402-1036 |
CVE-2024-21396 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21396 |
|
54 |
Microsoft Outlook 安全漏洞 |
CNNVD-202402-1039 |
CVE-2024-21402 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21402 |
|
55 |
Microsoft .NET 安全漏洞 |
CNNVD-202402-1033 |
CVE-2024-21404 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21404 |
|
56 |
Microsoft Message Queuing 安全漏洞 |
CNNVD-202402-1092 |
CVE-2024-21405 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21405 |
|
57 |
Microsoft Windows 安全漏洞 |
CNNVD-202402-1031 |
CVE-2024-21406 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21406 |
|
58 |
Microsoft Windows 安全漏洞 |
CNNVD-202402-1029 |
CVE-2024-21412 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21412 |
|
59 |
Microsoft WDAC OLE DB provider for SQL 安全漏洞 |
CNNVD-202402-1027 |
CVE-2024-21420 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21420 |
|
60 |
Microsoft Azure Stack 安全漏洞 |
CNNVD-202402-1121 |
CVE-2024-20679 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20679 |
|
61 |
Microsoft Hyper-V 安全漏洞 |
CNNVD-202402-1095 |
CVE-2024-20684 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20684 |
|
62 |
Microsoft Skype for Business 安全漏洞 |
CNNVD-202402-1094 |
CVE-2024-20695 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20695 |
|
63 |
Microsoft Windows Trusted Compute Base 安全漏洞 |
CNNVD-202402-1093 |
CVE-2024-21304 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21304 |
|
64 |
Microsoft Windows USB Serial Driver 安全漏洞 |
CNNVD-202402-1086 |
CVE-2024-21339 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21339 |
|
65 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202402-1085 |
CVE-2024-21340 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21340 |
|
66 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202402-1083 |
CVE-2024-21341 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21341 |
|
67 |
Microsoft Windows Internet Connection Sharing (ICS) 安全漏洞 |
CNNVD-202402-1084 |
CVE-2024-21343 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21343 |
|
68 |
Microsoft Windows Internet Connection Sharing (ICS) 安全漏洞 |
CNNVD-202402-1081 |
CVE-2024-21344 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21344 |
|
69 |
Microsoft Lightweight Directory Access Protocol 安全漏洞 |
CNNVD-202402-1069 |
CVE-2024-21356 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21356 |
|
70 |
Microsoft Windows Kernel 安全漏洞 |
CNNVD-202402-1062 |
CVE-2024-21362 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21362 |
|
71 |
Microsoft Teams 安全漏洞 |
CNNVD-202402-1053 |
CVE-2024-21374 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21374 |
|
72 |
Microsoft Azure Active Directory 安全漏洞 |
CNNVD-202402-1045 |
CVE-2024-21381 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21381 |
|
73 |
Microsoft Azure 安全漏洞 |
CNNVD-202402-1035 |
CVE-2024-21397 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21397 |
此次更新共包括7个更新漏洞的补丁程序,其中超危漏洞2个,高危漏洞4个,中危漏洞1个。
|
序号 |
漏洞名称 |
CNNVD编号 |
CVE编号 |
危害等级 |
官方链接 |
|
1 |
Microsoft Power Platform Connector 安全漏洞 |
CNNVD-202312-970 |
CVE-2023-36019 |
超危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36019 |
|
2 |
Microsoft .NET和Microsoft Visual Studio 安全漏洞 |
CNNVD-202401-741 |
CVE-2024-0057 |
超危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057 |
|
3 |
Microsoft Windows AppX Installer 安全漏洞 |
CNNVD-202112-1261 |
CVE-2021-43890 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43890 |
|
4 |
Microsoft SQL Server 安全漏洞 |
CNNVD-202401-738 |
CVE-2024-0056 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056 |
|
5 |
Microsoft Office 安全漏洞 |
CNNVD-202401-717 |
CVE-2024-20677 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20677 |
|
6 |
Microsoft .NET Framework 安全漏洞 |
CNNVD-202401-692 |
CVE-2024-21312 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21312 |
|
7 |
Microsoft ASP.NET Core 安全漏洞 |
CNNVD-202311-1269 |
CVE-2023-36558 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36558 |
三、修复建议
目前,微软官方已经发布补丁修复了上述漏洞,建议用户及时确认漏洞影响,尽快采取修补措施。微软官方补丁下载地址:
https://msrc.microsoft.com/update-guide/en-us
教育数字化知识图谱
微信公众号
咨询顾问
Copyright@2024 EduDigital123.COM 教育数字化知识图谱 京公网安备11011502038001 京ICP备2024042673号-3
