近日,微软官方发布了多个安全漏洞的公告,包括Microsoft Exchange Server 安全漏洞(CNNVD-202201-730、CVE-2022-21855)、Microsoft Windows安全漏洞(CNNVD-202201-779、CVE-2022-21907)等99个漏洞。成功利用上述漏洞的攻击者可以在目标系统上执行任意代码、获取用户数据,提升权限等。微软多个产品和系统受漏洞影响。目前,微软官方已经发布了漏洞修复补丁,建议用户及时确认是否受到漏洞影响,尽快采取修补措施。
一、 漏洞介绍
2022年1月11日,微软发布了2022年1月份安全更新,共99个漏洞的补丁程序,CNNVD对这些漏洞进行了收录。本次更新主要涵盖了Microsoft Windows 和 Windows 组件、Microsoft Graphics、Microsoft Windows Common Log File System Driver、Microsoft Windows Remote Access Connection Manager、Microsoft Office等。CNNVD对其危害等级进行了评价,其中超危漏洞6个,高危漏洞63个,中危漏洞29个,低危漏洞1个。微软多个产品和系统版本受漏洞影响,具体影响范围可访问https://portal.msrc.microsoft.com/zh-cn/security-guidance查询。
二、漏洞详情
此次更新共包括99个漏洞的补丁程序,其中超危漏洞6个,高危漏洞63个,中危漏洞29个,低危漏洞1个。
序号 |
漏洞名称 |
CNNVD编号 |
CVE编号 |
危害等级 |
官方链接 |
1 |
Microsoft Exchange Server 安全漏洞 |
CNNVD-202201-730 |
CVE-2022-21855 |
超危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21855 |
2 |
Microsoft Exchange Server 安全漏洞 |
CNNVD-202201-731 |
CVE-2022-21969 |
超危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21969 |
3 |
Microsoft Exchange Server 安全漏洞 |
CNNVD-202201-734 |
CVE-2022-21846 |
超危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21846 |
4 |
Microsoft Windows安全漏洞 |
CNNVD-202201-779 |
CVE-2022-21907 |
超危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21907 |
5 |
Microsoft Hyper-V 权限许可和访问控制问题漏洞 |
CNNVD-202201-787 |
CVE-2022-21901 |
超危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21901 |
6 |
Microsoft Windows 安全漏洞 |
CNNVD-202201-855 |
CVE-2022-21849 |
超危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21849 |
7 |
Microsoft Office 缓冲区错误漏洞 |
CNNVD-202201-733 |
CVE-2022-21841 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21841 |
8 |
多款Microsoft产品代码注入漏洞 |
CNNVD-202201-735 |
CVE-2022-21840 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21840 |
9 |
多款Microsoft产品代码注入漏洞 |
CNNVD-202201-744 |
CVE-2022-21842 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21842 |
10 |
Microsoft SharePoint代码注入漏洞 |
CNNVD-202201-764 |
CVE-2022-21837 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21837 |
11 |
Microsoft Kerberos for Windows安全漏洞 |
CNNVD-202201-769 |
CVE-2022-21920 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21920 |
12 |
多款Microsoft产品缓冲区错误漏洞 |
CNNVD-202201-773 |
CVE-2022-21922 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21922 |
13 |
Microsoft Windows Common Log File System Driver缓冲区错误漏洞 |
CNNVD-202201-774 |
CVE-2022-21916 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21916 |
14 |
Microsoft Windows 缓冲区错误漏洞 |
CNNVD-202201-775 |
CVE-2022-21919 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21919 |
15 |
Microsoft Windows Remote Access Connection Manager权限许可和访问控制问题漏洞 |
CNNVD-202201-776 |
CVE-2022-21914 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21914 |
16 |
Microsoft Windows DirectX 安全漏洞 |
CNNVD-202201-778 |
CVE-2022-21912 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21912 |
17 |
Microsoft Windows Installer安全漏洞 |
CNNVD-202201-781 |
CVE-2022-21908 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21908 |
18 |
Microsoft Windows 安全漏洞 |
CNNVD-202201-782 |
CVE-2022-21910 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21910 |
19 |
Microsoft Graphics Component 安全漏洞 |
CNNVD-202201-784 |
CVE-2022-21904 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21904 |
20 |
Microsoft Graphics Components安全漏洞 |
CNNVD-202201-785 |
CVE-2022-21903 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21903 |
21 |
Microsoft Windows安全漏洞 |
CNNVD-202201-786 |
CVE-2022-21902 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21902 |
22 |
Microsoft Windows DirectX 安全漏洞 |
CNNVD-202201-788 |
CVE-2022-21898 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21898 |
23 |
Microsoft Windows Common Log File System Driver 缓冲区错误漏洞 |
CNNVD-202201-789 |
CVE-2022-21897 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21897 |
24 |
Microsoft Windows 安全漏洞 |
CNNVD-202201-790 |
CVE-2022-21896 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21896 |
25 |
Microsoft Windows缓冲区错误漏洞 |
CNNVD-202201-791 |
CVE-2022-21895 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21895 |
26 |
多款Microsoft产品安全漏洞 |
CNNVD-202201-795 |
CVE-2022-21893 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21893 |
27 |
Microsoft Windows安全漏洞 |
CNNVD-202201-797 |
CVE-2022-21890 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21890 |
28 |
Microsoft Windows 安全漏洞 |
CNNVD-202201-798 |
CVE-2022-21889 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21889 |
29 |
Microsoft Windows 安全漏洞 |
CNNVD-202201-799 |
CVE-2022-21883 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21883 |
30 |
Microsoft Windows Remote Access Connection Manager 权限许可和访问控制问题漏洞 |
CNNVD-202201-800 |
CVE-2022-21885 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21885 |
31 |
Microsoft Windows Local Security Authority Subsystem Service 缓冲区错误漏洞 |
CNNVD-202201-801 |
CVE-2022-21884 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21884 |
32 |
Microsoft Windows 安全漏洞 |
CNNVD-202201-802 |
CVE-2022-21882 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21882 |
33 |
Microsoft Windows 安全漏洞 |
CNNVD-202201-803 |
CVE-2022-21887 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21887 |
34 |
Microsoft Windows 代码注入漏洞 |
CNNVD-202201-804 |
CVE-2022-21888 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21888 |
35 |
Microsoft Windows Kernel 缓冲区错误漏洞 |
CNNVD-202201-805 |
CVE-2022-21881 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21881 |
36 |
Microsoft Graphics Components安全漏洞 |
CNNVD-202201-806 |
CVE-2022-21880 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21880 |
37 |
Microsoft Windows 代码注入漏洞 |
CNNVD-202201-808 |
CVE-2022-21878 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21878 |
38 |
Microsoft Windows 代码注入漏洞 |
CNNVD-202201-810 |
CVE-2022-21874 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21874 |
39 |
Microsoft Windows Event Tracing 权限许可和访问控制问题漏洞 |
CNNVD-202201-811 |
CVE-2022-21872 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21872 |
40 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202201-812 |
CVE-2022-21873 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21873 |
41 |
Microsoft Windows Storage Spaces Controller权限许可和访问控制问题漏洞 |
CNNVD-202201-814 |
CVE-2022-21875 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21875 |
42 |
多款Microsoft产品权限许可和访问控制问题漏洞 |
CNNVD-202201-815 |
CVE-2022-21871 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21871 |
43 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202201-816 |
CVE-2022-21870 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21870 |
44 |
多款Microsoft产品权限许可和访问控制问题漏洞 |
CNNVD-202201-817 |
CVE-2022-21869 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21869 |
45 |
Microsoft Windows权限许可和访问控制问题漏洞 |
CNNVD-202201-818 |
CVE-2022-21868 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21868 |
46 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202201-819 |
CVE-2022-21867 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21867 |
47 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202201-820 |
CVE-2022-21864 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21864 |
48 |
多款Microsoft产品权限许可和访问控制问题漏洞 |
CNNVD-202201-821 |
CVE-2022-21863 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21863 |
49 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202201-822 |
CVE-2022-21862 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21862 |
50 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202201-823 |
CVE-2022-21865 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21865 |
51 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202201-824 |
CVE-2022-21866 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21866 |
52 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202201-825 |
CVE-2022-21860 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21860 |
53 |
Microsoft Windows权限许可和访问控制问题漏洞 |
CNNVD-202201-826 |
CVE-2022-21861 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21861 |
54 |
Microsoft Windows 安全漏洞 |
CNNVD-202201-827 |
CVE-2022-21852 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21852 |
55 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202201-828 |
CVE-2022-21859 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21859 |
56 |
Microsoft Dynamics 365和Microsoft Dynamics 跨站脚本漏洞 |
CNNVD-202201-829 |
CVE-2022-21932 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21932 |
57 |
Microsoft Windows权限许可和访问控制问题漏洞 |
CNNVD-202201-830 |
CVE-2022-21858 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21858 |
58 |
Microsoft Windows Virtual Machine权限许可和访问控制问题漏洞 |
CNNVD-202201-831 |
CVE-2022-21833 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21833 |
59 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202201-832 |
CVE-2022-21834 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21834 |
60 |
Microsoft Windows Codecs Library代码注入漏洞 |
CNNVD-202201-833 |
CVE-2022-21917 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21917 |
61 |
Windows Cryptographic Services 权限许可和访问控制问题漏洞 |
CNNVD-202201-834 |
CVE-2022-21835 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21835 |
62 |
Microsoft Windows Active Directory权限许可和访问控制问题漏洞 |
CNNVD-202201-835 |
CVE-2022-21857 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21857 |
63 |
Microsoft Windows 安全漏洞 |
CNNVD-202201-837 |
CVE-2022-21836 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21836 |
64 |
Microsoft Dynamics 安全漏洞 |
CNNVD-202201-841 |
CVE-2022-21891 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21891 |
65 |
Microsoft Windows 缓冲区错误漏洞 |
CNNVD-202201-843 |
CVE-2022-21851 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21851 |
66 |
Microsoft Windows 缓冲区错误漏洞 |
CNNVD-202201-854 |
CVE-2022-21850 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21850 |
67 |
Microsoft Windows 安全漏洞 |
CNNVD-202201-858 |
CVE-2022-21843 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21843 |
68 |
Microsoft Windows安全漏洞 |
CNNVD-202201-859 |
CVE-2022-21848 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21848 |
69 |
Microsoft Office和Microsoft SharePoint 安全漏洞 |
CNNVD-202112-1433 |
CVE-2021-43876 |
高危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-43876 |
70 |
Microsoft Windows Remote Procedure Call Runtime信息泄露漏洞 |
CNNVD-202201-758 |
CVE-2022-21964 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21964 |
71 |
多款Microsoft产品安全漏洞 |
CNNVD-202201-759 |
CVE-2022-21961 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21961 |
72 |
Microsoft Windows安全漏洞 |
CNNVD-202201-760 |
CVE-2022-21960 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21960 |
73 |
多款Microsoft产品安全漏洞 |
CNNVD-202201-761 |
CVE-2022-21959 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21959 |
74 |
多款Microsoft产品安全漏洞 |
CNNVD-202201-762 |
CVE-2022-21962 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21962 |
75 |
多款Microsoft产品安全漏洞 |
CNNVD-202201-763 |
CVE-2022-21963 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21963 |
76 |
多款Microsoft产品安全漏洞 |
CNNVD-202201-765 |
CVE-2022-21958 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21958 |
77 |
Microsoft Windows安全漏洞 |
CNNVD-202201-766 |
CVE-2022-21928 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21928 |
78 |
Microsoft Windows特征问题漏洞 |
CNNVD-202201-767 |
CVE-2022-21925 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21925 |
79 |
Microsoft Windows Workstation特征问题漏洞 |
CNNVD-202201-768 |
CVE-2022-21924 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21924 |
80 |
多款Microsoft产品安全漏洞 |
CNNVD-202201-770 |
CVE-2022-21918 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21918 |
81 |
多款Microsoft产品安全漏洞 |
CNNVD-202201-771 |
CVE-2022-21915 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21915 |
82 |
Microsoft Windows Defender特征问题漏洞 |
CNNVD-202201-772 |
CVE-2022-21921 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21921 |
83 |
Microsoft Windows Local Security Authority Subsystem Service 特征问题漏洞 |
CNNVD-202201-777 |
CVE-2022-21913 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21913 |
84 |
Microsoft Windows Defender特征问题漏洞 |
CNNVD-202201-780 |
CVE-2022-21906 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21906 |
85 |
Microsoft Hyper-V 特征问题漏洞 |
CNNVD-202201-783 |
CVE-2022-21905 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21905 |
86 |
Microsoft Windows 特征问题漏洞 |
CNNVD-202201-792 |
CVE-2022-21899 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21899 |
87 |
Microsoft Hyper-V 特征问题漏洞 |
CNNVD-202201-793 |
CVE-2022-21900 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21900 |
88 |
Microsoft Windows 特征问题漏洞 |
CNNVD-202201-794 |
CVE-2022-21894 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21894 |
89 |
Microsoft Windows 安全漏洞 |
CNNVD-202201-796 |
CVE-2022-21892 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21892 |
90 |
Microsoft Windows Kernel输入验证错误漏洞 |
CNNVD-202201-807 |
CVE-2022-21879 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21879 |
91 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202201-809 |
CVE-2022-21877 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21877 |
92 |
多款Microsoft产品安全漏洞 |
CNNVD-202201-813 |
CVE-2022-21876 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21876 |
93 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202201-836 |
CVE-2022-21838 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21838 |
94 |
Microsoft Windows Event Tracing 输入验证错误漏洞 |
CNNVD-202201-838 |
CVE-2022-21839 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21839 |
95 |
Microsoft Hyper-V 输入验证错误漏洞 |
CNNVD-202201-861 |
CVE-2022-21847 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21847 |
96 |
Microsoft Edge 跨站脚本漏洞 |
CNNVD-202201-401 |
CVE-2022-21930 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21930 |
97 |
Microsoft Edge 跨站脚本漏洞 |
CNNVD-202201-403 |
CVE-2022-21931 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21931 |
98 |
Microsoft Edge 跨站脚本漏洞 |
CNNVD-202201-404 |
CVE-2022-21954 |
中危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21954 |
99 |
Microsoft Edge 跨站脚本漏洞 |
CNNVD-202201-405 |
CVE-2022-21929 |
低危 |
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21929 |
三、修复建议
目前,微软官方已经发布补丁修复了上述漏洞,建议用户及时确认漏洞影响,尽快采取修补措施。微软官方补丁下载地址:
https://msrc.microsoft.com/update-guide/en-us
CNNVD将继续跟踪上述漏洞的相关情况,及时发布相关信息。如有需要,可与CNNVD联系。联系方式: [email protected]
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论