2023 年 5 月 9 日
.png)
作者: Esben Dochy
本月最严重的漏洞之一是 Microsoft SharePoint。 CVE-2023-24955 的 CVSS 基本分数仅为 7.2,但事实上这是一个流行的 Microsoft 产品中的漏洞,而且 Microsoft 列出了利用“更有可能”的事实,这使它位居榜首。
本月最严重的漏洞之一是 Microsoft SharePoint。 CVE-2023-24955 的 CVSS 基本分数仅为 7.2,但事实上这是一个流行的 Microsoft 产品中的漏洞,而且 Microsoft 列出了利用“更有可能”的事实,这使它位居榜首。
第二个严重漏洞是过去出现过多个漏洞的漏洞。 网络文件系统 (NFS) 包含 RCE 漏洞 CVE-2023-24941。 由于 CVSS 基本分数为 9.8,这很明显是值得关注的漏洞之一。
攻击者可以通过对网络文件系统服务进行未经身份验证的特制调用来触发远程代码执行来利用此漏洞。 如果您有 NFS 服务器并且等不及更新,Microsoft 确实在咨询中提供了缓解措施。
如果您想快速了解 NFS 服务器,可以运行我们的 Windows Server NFS 角色审核。
我要介绍的最后一个漏洞是 Windows 对象链接和嵌入组件中的一个漏洞。 CVE-2023-29325 的 CVSS 基本分数为 8.1。 Microsoft 有很多关于此漏洞的信息,并且还列出了可能被利用的信息。
可以通过 Window 的预览窗格利用此漏洞。 他们还提供了一个利用示例:
为了帮助管理您的更新进度,我们创建了补丁星期二审计,检查您网络中的资产是否使用最新的补丁更新。 该报告已用颜色编码,以查看哪些机器是最新的,哪些仍需要更新。 一如既往,我们敦促系统管理员尽快更新他们的环境,以确保所有端点的安全。
Lansweeper 周二补丁报告会自动添加到 Lansweeper Cloud 站点。 Lansweeper Cloud 包含在我们所有的许可证中,无需任何额外费用,并允许您将所有安装联合到一个视图中,因此您需要做的就是查看一份报告,该报告会在每个周二的补丁中自动添加!
.webp){kind=icon}
运行五月补丁星期二审核
| CVE-2023-29344 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2023-29343 | SysInternals Sysmon for Windows Elevation of Privilege Vulnerability |
| CVE-2023-29341 | AV1 Video Extension Remote Code Execution Vulnerability |
| CVE-2023-29340 | AV1 Video Extension Remote Code Execution Vulnerability |
| CVE-2023-29338 | Visual Studio Code Information Disclosure Vulnerability |
| CVE-2023-29336 | Win32k Elevation of Privilege Vulnerability |
| CVE-2023-29335 | Microsoft Word Security Feature Bypass Vulnerability |
| CVE-2023-29333 | Microsoft Access Denial of Service Vulnerability |
| CVE-2023-29325 | Windows OLE Remote Code Execution Vulnerability |
| CVE-2023-29324 | Windows MSHTML Platform Security Feature Bypass Vulnerability |
| CVE-2023-28290 | Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability |
| CVE-2023-28283 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability |
| CVE-2023-28251 | Windows Driver Revocation List Security Feature Bypass Vulnerability |
| CVE-2023-24955 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2023-24954 | Microsoft SharePoint Server Information Disclosure Vulnerability |
| CVE-2023-24953 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2023-24950 | Microsoft SharePoint Server Spoofing Vulnerability |
| CVE-2023-24949 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-24948 | Windows Bluetooth Driver Elevation of Privilege Vulnerability |
| CVE-2023-24947 | Windows Bluetooth Driver Remote Code Execution Vulnerability |
| CVE-2023-24946 | Windows Backup Service Elevation of Privilege Vulnerability |
| CVE-2023-24945 | Windows iSCSI Target Service Information Disclosure Vulnerability |
| CVE-2023-24944 | Windows Bluetooth Driver Information Disclosure Vulnerability |
| CVE-2023-24943 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| CVE-2023-24942 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-24941 | Windows Network File System Remote Code Execution Vulnerability |
| CVE-2023-24940 | Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability |
| CVE-2023-24939 | Server for NFS Denial of Service Vulnerability |
| CVE-2023-24932 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2023-24911 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| CVE-2023-24905 | Remote Desktop Client Remote Code Execution Vulnerability |
| CVE-2023-24904 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2023-24903 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
| CVE-2023-24902 | Win32k Elevation of Privilege Vulnerability |
| CVE-2023-24901 | Windows NFS Portmapper Information Disclosure Vulnerability |
| CVE-2023-24900 | Windows NTLM Security Support Provider Information Disclosure Vulnerability |
| CVE-2023-24899 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2023-24898 | Windows SMB Denial of Service Vulnerability |
| CVE-2023-24892 | Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability |
| CVE-2023-24881 | Microsoft Teams Information Disclosure Vulnerability |
| CVE-2023-24858 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| CVE-2023-23398 | Microsoft Excel Spoofing Vulnerability |
| CVE-2023-23396 | Microsoft Excel Denial of Service Vulnerability |
| CVE-2023-23383 | Service Fabric Explorer Spoofing Vulnerability |
| CVE-2023-21779 | Visual Studio Code Remote Code Execution Vulnerability |
| CVE-2023-21738 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2022-41104 | Microsoft Excel Security Feature Bypass Vulnerability |
| CVE-2022-29900 | AMD: CVE-2022-29900 AMD CPU Branch Type Confusion |
| CVE-2022-26928 | Windows Photo Import API Elevation of Privilege Vulnerability |
| CVE-2021-28452 | Microsoft Outlook Memory Corruption Vulnerability |
| CVE-2013-3900 | WinVerifyTrust Signature Validation Vulnerability |
.webp)
