近日,微软官方发布了多个安全漏洞的公告,包括Microsoft Windows 安全漏洞(CNNVD-202104-725、CVE-2021-28445)、Microsoft Exchange Server 代码注入漏洞(CNNVD-202104-905、CVE-2021-28482)等多个漏洞。成功利用上述漏洞的攻击者可以在目标系统上执行任意代码、获取用户数据,提升权限等。微软多个产品和系统受漏洞影响。目前,微软官方已经发布漏洞修复补丁,建议用户及时确认是否受到漏洞影响,尽快采取修补措施。
一、 漏洞介绍
2021年4月14日,微软发布了2021年4月份安全更新,共108个漏洞的补丁程序,CNNVD对这些漏洞进行了收录。本次更新主要涵盖了Windows操作系统、Exchange Server、Azure、Office、SharePoint Server、Hyper-V、Visual Studio和Edge。CNNVD对其危害等级进行了评价,其中高危漏洞有62个。微软多个产品和系统版本受漏洞影响,具体影响范围可访问https://portal.msrc.microsoft.com/zh-cn/security-guidance查询。
二、漏洞详情
此次更新共包括108个漏洞的补丁程序,其中高危漏洞有62个。
序号 |
漏洞名称 |
CNNVD编号 |
CVE编号 |
危害等级 |
官方链接 |
1 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-725 |
CVE-2021-28445 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28445 |
2 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-726 |
CVE-2021-28446 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28446 |
3 |
Microsoft多款产品 权限许可和访问控制问题漏洞 |
CNNVD-202104-732 |
CVE-2021-28440 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28440 |
4 |
Windows 输入验证错误漏洞 |
CNNVD-202104-733 |
CVE-2021-28439 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28439 |
5 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-739 |
CVE-2021-28434 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28434 |
6 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-740 |
CVE-2021-28355 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28355 |
7 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-741 |
CVE-2021-28358 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28358 |
8 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-742 |
CVE-2021-28357 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28357 |
9 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-745 |
CVE-2021-28354 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28354 |
10 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-747 |
CVE-2021-28356 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28356 |
11 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-754 |
CVE-2021-28353 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28353 |
12 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-782 |
CVE-2021-28352 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28352 |
13 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-799 |
CVE-2021-28351 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28351 |
14 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-806 |
CVE-2021-28348 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28348 |
15 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-807 |
CVE-2021-28346 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28346 |
16 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-808 |
CVE-2021-28350 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28350 |
17 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-809 |
CVE-2021-28345 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28345 |
18 |
Microsoft Windows GDI+ 安全漏洞 |
CNNVD-202104-810 |
CVE-2021-28349 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28349 |
19 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-812 |
CVE-2021-28344 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28344 |
20 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-814 |
CVE-2021-28343 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28343 |
21 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-815 |
CVE-2021-28339 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28339 |
22 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-816 |
CVE-2021-28341 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28341 |
23 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-817 |
CVE-2021-28342 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28342 |
24 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-819 |
CVE-2021-28338 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28338 |
25 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-820 |
CVE-2021-28340 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28340 |
26 |
Microsoft Windows 代码注入漏洞 |
CNNVD-202104-822 |
CVE-2021-28335 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28335 |
27 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-823 |
CVE-2021-28334 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28334 |
28 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-824 |
CVE-2021-28337 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28337 |
29 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-825 |
CVE-2021-28336 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28336 |
30 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-826 |
CVE-2021-28332 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28332 |
31 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-827 |
CVE-2021-28331 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28331 |
32 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-828 |
CVE-2021-28333 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28333 |
33 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-829 |
CVE-2021-28330 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28330 |
34 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-832 |
CVE-2021-28453 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28453 |
35 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-833 |
CVE-2021-28454 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28454 |
36 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-834 |
CVE-2021-28329 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28329 |
37 |
Microsoft Office和Microsoft Outlook 缓冲区错误漏洞 |
CNNVD-202104-839 |
CVE-2021-28452 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28452 |
38 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-846 |
CVE-2021-28451 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28451 |
39 |
Microsoft Visual Studio Code 安全漏洞 |
CNNVD-202104-849 |
CVE-2021-28473 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28473 |
40 |
Microsoft Visual Studio Code 代码注入漏洞 |
CNNVD-202104-851 |
CVE-2021-28471 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28471 |
41 |
Microsoft Raw Image Extension 安全漏洞 |
CNNVD-202104-852 |
CVE-2021-28468 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28468 |
42 |
Microsoft Raw Image Extension 安全漏洞 |
CNNVD-202104-853 |
CVE-2021-28466 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28466 |
43 |
Microsoft VP9 Video 安全漏洞 |
CNNVD-202104-854 |
CVE-2021-28464 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28464 |
44 |
Microsoft Visual Studio Code 安全漏洞 |
CNNVD-202104-855 |
CVE-2021-28448 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28448 |
45 |
Microsoft Office和Microsoft Excel 代码注入漏洞 |
CNNVD-202104-858 |
CVE-2021-28449 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28449 |
46 |
Visual Studio Code 安全漏洞 |
CNNVD-202104-860 |
CVE-2021-28477 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28477 |
47 |
Microsoft Visual Studio Code 安全漏洞 |
CNNVD-202104-861 |
CVE-2021-28457 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28457 |
48 |
Microsoft Visual Studio Code 安全漏洞 |
CNNVD-202104-863 |
CVE-2021-28475 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28475 |
49 |
Microsoft Azure Sphere 安全漏洞 |
CNNVD-202104-864 |
CVE-2021-28460 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28460 |
50 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202104-868 |
CVE-2021-28320 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28320 |
51 |
Visual Studio Code 安全漏洞 |
CNNVD-202104-872 |
CVE-2021-28470 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28470 |
52 |
Microsoft Win32k 安全漏洞 |
CNNVD-202104-881 |
CVE-2021-28310 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28310 |
53 |
Microsoft Windows 代码注入漏洞 |
CNNVD-202104-883 |
CVE-2021-27095 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27095 |
54 |
Microsoft Internet Messaging API 安全漏洞 |
CNNVD-202104-885 |
CVE-2021-27089 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27089 |
55 |
Microsoft Windows 代码注入漏洞 |
CNNVD-202104-892 |
CVE-2021-28315 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28315 |
56 |
Microsoft Visual Studio Code 代码注入漏洞 |
CNNVD-202104-903 |
CVE-2021-28469 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28469 |
57 |
Microsoft Exchange Server 代码注入漏洞 |
CNNVD-202104-905 |
CVE-2021-28482 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28482 |
58 |
Microsoft Exchange Server 代码注入漏洞 |
CNNVD-202104-907 |
CVE-2021-28483 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28483 |
59 |
Microsoft Exchange Server 代码注入漏洞 |
CNNVD-202104-909 |
CVE-2021-28481 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28481 |
60 |
Microsoft Visual Studio Code 代码注入漏洞 |
CNNVD-202104-910 |
CVE-2021-28472 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28472 |
61 |
Microsoft Exchange Server 代码注入漏洞 |
CNNVD-202104-912 |
CVE-2021-28480 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28480 |
62 |
Microsoft 代码注入漏洞 |
CNNVD-202104-913 |
CVE-2021-28327 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28327 |
63 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-724 |
CVE-2021-28447 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28447 |
64 |
Microsoft SharePoint 安全漏洞 |
CNNVD-202104-727 |
CVE-2021-28450 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28450 |
65 |
Microsoft多款产品 安全特征问题漏洞 |
CNNVD-202104-728 |
CVE-2021-28444 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28444 |
66 |
Microsoft多款产品 输入验证错误漏洞 |
CNNVD-202104-729 |
CVE-2021-28443 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28443 |
67 |
Microsoft Windows TCP/IP 信息泄露漏洞 |
CNNVD-202104-730 |
CVE-2021-28442 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28442 |
68 |
Windows Hyper-V 信息泄露漏洞 |
CNNVD-202104-731 |
CVE-2021-28441 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28441 |
69 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-734 |
CVE-2021-28438 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28438 |
70 |
Microsoft多款产品 信息泄露漏洞 |
CNNVD-202104-735 |
CVE-2021-28437 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28437 |
71 |
Microsoft Visual Studio 权限许可和访问控制问题漏洞 |
CNNVD-202104-736 |
CVE-2021-27064 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27064 |
72 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-737 |
CVE-2021-28435 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28435 |
73 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-738 |
CVE-2021-28436 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28436 |
74 |
Microsoft Windows 10和Windows 权限许可和访问控制问题漏洞 |
CNNVD-202104-811 |
CVE-2021-28347 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28347 |
75 |
Microsoft Excel 信息泄露漏洞 |
CNNVD-202104-830 |
CVE-2021-28456 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28456 |
76 |
Microsoft Azure DevOps Server 信息泄露漏洞 |
CNNVD-202104-848 |
CVE-2021-27067 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27067 |
77 |
Microsoft windows 信息泄露漏洞 |
CNNVD-202104-850 |
CVE-2021-28328 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28328 |
78 |
Azure ms-rest-nodeauth 安全漏洞 |
CNNVD-202104-856 |
CVE-2021-28458 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28458 |
79 |
Microsoft Windows 10和Windows 输入验证错误漏洞 |
CNNVD-202104-857 |
CVE-2021-28326 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28326 |
80 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-859 |
CVE-2021-28325 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28325 |
81 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-862 |
CVE-2021-28324 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28324 |
82 |
Microsoft多款产品 权限许可和访问控制问题漏洞 |
CNNVD-202104-867 |
CVE-2021-28321 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28321 |
83 |
Microsoft Windows NTFS 安全漏洞 |
CNNVD-202104-869 |
CVE-2021-27096 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27096 |
84 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-870 |
CVE-2021-28322 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28322 |
85 |
Windows 安全漏洞 |
CNNVD-202104-871 |
CVE-2021-28319 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28319 |
86 |
Windows 安全漏洞 |
CNNVD-202104-873 |
CVE-2021-26413 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26413 |
87 |
Diagnostics Hub Standard Collector Service 安全漏洞 |
CNNVD-202104-874 |
CVE-2021-28313 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28313 |
88 |
Microsoft Windows和Windows Installer 权限许可和访问控制问题漏洞 |
CNNVD-202104-876 |
CVE-2021-26415 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26415 |
89 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-877 |
CVE-2021-28318 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28318 |
90 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-878 |
CVE-2021-28309 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28309 |
91 |
Microsoft Windows Codecs 信息泄露漏洞 |
CNNVD-202104-879 |
CVE-2021-28317 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28317 |
92 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-880 |
CVE-2021-28311 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28311 |
93 |
Microsoft Windows kernel 信息泄露漏洞 |
CNNVD-202104-884 |
CVE-2021-27093 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27093 |
94 |
Microsoft Windows 安全特征问题漏洞 |
CNNVD-202104-886 |
CVE-2021-28316 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28316 |
95 |
RPC 安全漏洞 |
CNNVD-202104-887 |
CVE-2021-27091 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27091 |
96 |
Microsoft Azure 安全漏洞 |
CNNVD-202104-888 |
CVE-2021-27092 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27092 |
97 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202104-889 |
CVE-2021-27090 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27090 |
98 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-890 |
CVE-2021-27088 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27088 |
99 |
Microsoft Windows 10和Windows 权限许可和访问控制问题漏洞 |
CNNVD-202104-891 |
CVE-2021-27086 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27086 |
100 |
Microsoft Win32k 权限许可和访问控制问题漏洞 |
CNNVD-202104-893 |
CVE-2021-27072 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27072 |
101 |
Microsoft Windows Hyper-V和Windows 权限许可和访问控制问题漏洞 |
CNNVD-202104-896 |
CVE-2021-28314 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28314 |
102 |
Microsoft Windows Hyper-V和Windows 输入验证错误漏洞 |
CNNVD-202104-897 |
CVE-2021-26416 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26416 |
103 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-899 |
CVE-2021-27079 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27079 |
104 |
Microsoft Windows DNS 信息泄露漏洞 |
CNNVD-202104-908 |
CVE-2021-28323 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28323 |
105 |
Microsoft Azure DevOps Server 安全漏洞 |
CNNVD-202104-911 |
CVE-2021-28459 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28459 |
106 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-936 |
CVE-2021-26417 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26417 |
107 |
Microsoft Windows NTFS 安全漏洞 |
CNNVD-202104-866 |
CVE-2021-28312 |
低危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28312 |
108 |
Microsoft Windows 安全特征问题漏洞 |
CNNVD-202104-882 |
CVE-2021-27094 |
低危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27094 |
三、修复建议
目前,微软官方已经发布补丁修复了上述漏洞,建议用户及时确认漏洞影响,尽快采取修补措施。微软官方补丁下载地址:
https://msrc.microsoft.com/update-guide/en-us
CNNVD将继续跟踪上述漏洞的相关情况,及时发布相关信息。如有需要,可与CNNVD联系。联系方式: [email protected]
![weinxin](http://zone.ci/zone_ci_images/zone.ci.png)
评论