近日,微软官方发布了多个安全漏洞的公告,包括Microsoft Windows 安全漏洞(CNNVD-202104-725、CVE-2021-28445)、Microsoft Exchange Server 代码注入漏洞(CNNVD-202104-905、CVE-2021-28482)等多个漏洞。成功利用上述漏洞的攻击者可以在目标系统上执行任意代码、获取用户数据,提升权限等。微软多个产品和系统受漏洞影响。目前,微软官方已经发布漏洞修复补丁,建议用户及时确认是否受到漏洞影响,尽快采取修补措施。
一、 漏洞介绍
2021年4月14日,微软发布了2021年4月份安全更新,共108个漏洞的补丁程序,CNNVD对这些漏洞进行了收录。本次更新主要涵盖了Windows操作系统、Exchange Server、Azure、Office、SharePoint Server、Hyper-V、Visual Studio和Edge。CNNVD对其危害等级进行了评价,其中高危漏洞有62个。微软多个产品和系统版本受漏洞影响,具体影响范围可访问https://portal.msrc.microsoft.com/zh-cn/security-guidance查询。
二、漏洞详情
此次更新共包括108个漏洞的补丁程序,其中高危漏洞有62个。
| 序号 |
漏洞名称 |
CNNVD编号 |
CVE编号 |
危害等级 |
官方链接 |
| 1 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-725 |
CVE-2021-28445 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28445 |
| 2 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-726 |
CVE-2021-28446 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28446 |
| 3 |
Microsoft多款产品 权限许可和访问控制问题漏洞 |
CNNVD-202104-732 |
CVE-2021-28440 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28440 |
| 4 |
Windows 输入验证错误漏洞 |
CNNVD-202104-733 |
CVE-2021-28439 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28439 |
| 5 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-739 |
CVE-2021-28434 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28434 |
| 6 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-740 |
CVE-2021-28355 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28355 |
| 7 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-741 |
CVE-2021-28358 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28358 |
| 8 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-742 |
CVE-2021-28357 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28357 |
| 9 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-745 |
CVE-2021-28354 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28354 |
| 10 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-747 |
CVE-2021-28356 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28356 |
| 11 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-754 |
CVE-2021-28353 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28353 |
| 12 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-782 |
CVE-2021-28352 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28352 |
| 13 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-799 |
CVE-2021-28351 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28351 |
| 14 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-806 |
CVE-2021-28348 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28348 |
| 15 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-807 |
CVE-2021-28346 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28346 |
| 16 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-808 |
CVE-2021-28350 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28350 |
| 17 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-809 |
CVE-2021-28345 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28345 |
| 18 |
Microsoft Windows GDI+ 安全漏洞 |
CNNVD-202104-810 |
CVE-2021-28349 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28349 |
| 19 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-812 |
CVE-2021-28344 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28344 |
| 20 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-814 |
CVE-2021-28343 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28343 |
| 21 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-815 |
CVE-2021-28339 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28339 |
| 22 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-816 |
CVE-2021-28341 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28341 |
| 23 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-817 |
CVE-2021-28342 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28342 |
| 24 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-819 |
CVE-2021-28338 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28338 |
| 25 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-820 |
CVE-2021-28340 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28340 |
| 26 |
Microsoft Windows 代码注入漏洞 |
CNNVD-202104-822 |
CVE-2021-28335 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28335 |
| 27 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-823 |
CVE-2021-28334 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28334 |
| 28 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-824 |
CVE-2021-28337 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28337 |
| 29 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-825 |
CVE-2021-28336 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28336 |
| 30 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-826 |
CVE-2021-28332 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28332 |
| 31 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-827 |
CVE-2021-28331 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28331 |
| 32 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-828 |
CVE-2021-28333 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28333 |
| 33 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-829 |
CVE-2021-28330 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28330 |
| 34 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-832 |
CVE-2021-28453 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28453 |
| 35 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-833 |
CVE-2021-28454 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28454 |
| 36 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-834 |
CVE-2021-28329 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28329 |
| 37 |
Microsoft Office和Microsoft Outlook 缓冲区错误漏洞 |
CNNVD-202104-839 |
CVE-2021-28452 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28452 |
| 38 |
Microsoft多款产品 代码注入漏洞 |
CNNVD-202104-846 |
CVE-2021-28451 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28451 |
| 39 |
Microsoft Visual Studio Code 安全漏洞 |
CNNVD-202104-849 |
CVE-2021-28473 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28473 |
| 40 |
Microsoft Visual Studio Code 代码注入漏洞 |
CNNVD-202104-851 |
CVE-2021-28471 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28471 |
| 41 |
Microsoft Raw Image Extension 安全漏洞 |
CNNVD-202104-852 |
CVE-2021-28468 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28468 |
| 42 |
Microsoft Raw Image Extension 安全漏洞 |
CNNVD-202104-853 |
CVE-2021-28466 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28466 |
| 43 |
Microsoft VP9 Video 安全漏洞 |
CNNVD-202104-854 |
CVE-2021-28464 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28464 |
| 44 |
Microsoft Visual Studio Code 安全漏洞 |
CNNVD-202104-855 |
CVE-2021-28448 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28448 |
| 45 |
Microsoft Office和Microsoft Excel 代码注入漏洞 |
CNNVD-202104-858 |
CVE-2021-28449 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28449 |
| 46 |
Visual Studio Code 安全漏洞 |
CNNVD-202104-860 |
CVE-2021-28477 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28477 |
| 47 |
Microsoft Visual Studio Code 安全漏洞 |
CNNVD-202104-861 |
CVE-2021-28457 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28457 |
| 48 |
Microsoft Visual Studio Code 安全漏洞 |
CNNVD-202104-863 |
CVE-2021-28475 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28475 |
| 49 |
Microsoft Azure Sphere 安全漏洞 |
CNNVD-202104-864 |
CVE-2021-28460 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28460 |
| 50 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202104-868 |
CVE-2021-28320 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28320 |
| 51 |
Visual Studio Code 安全漏洞 |
CNNVD-202104-872 |
CVE-2021-28470 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28470 |
| 52 |
Microsoft Win32k 安全漏洞 |
CNNVD-202104-881 |
CVE-2021-28310 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28310 |
| 53 |
Microsoft Windows 代码注入漏洞 |
CNNVD-202104-883 |
CVE-2021-27095 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27095 |
| 54 |
Microsoft Internet Messaging API 安全漏洞 |
CNNVD-202104-885 |
CVE-2021-27089 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27089 |
| 55 |
Microsoft Windows 代码注入漏洞 |
CNNVD-202104-892 |
CVE-2021-28315 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28315 |
| 56 |
Microsoft Visual Studio Code 代码注入漏洞 |
CNNVD-202104-903 |
CVE-2021-28469 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28469 |
| 57 |
Microsoft Exchange Server 代码注入漏洞 |
CNNVD-202104-905 |
CVE-2021-28482 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28482 |
| 58 |
Microsoft Exchange Server 代码注入漏洞 |
CNNVD-202104-907 |
CVE-2021-28483 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28483 |
| 59 |
Microsoft Exchange Server 代码注入漏洞 |
CNNVD-202104-909 |
CVE-2021-28481 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28481 |
| 60 |
Microsoft Visual Studio Code 代码注入漏洞 |
CNNVD-202104-910 |
CVE-2021-28472 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28472 |
| 61 |
Microsoft Exchange Server 代码注入漏洞 |
CNNVD-202104-912 |
CVE-2021-28480 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28480 |
| 62 |
Microsoft 代码注入漏洞 |
CNNVD-202104-913 |
CVE-2021-28327 |
高危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28327 |
| 63 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-724 |
CVE-2021-28447 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28447 |
| 64 |
Microsoft SharePoint 安全漏洞 |
CNNVD-202104-727 |
CVE-2021-28450 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28450 |
| 65 |
Microsoft多款产品 安全特征问题漏洞 |
CNNVD-202104-728 |
CVE-2021-28444 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28444 |
| 66 |
Microsoft多款产品 输入验证错误漏洞 |
CNNVD-202104-729 |
CVE-2021-28443 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28443 |
| 67 |
Microsoft Windows TCP/IP 信息泄露漏洞 |
CNNVD-202104-730 |
CVE-2021-28442 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28442 |
| 68 |
Windows Hyper-V 信息泄露漏洞 |
CNNVD-202104-731 |
CVE-2021-28441 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28441 |
| 69 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-734 |
CVE-2021-28438 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28438 |
| 70 |
Microsoft多款产品 信息泄露漏洞 |
CNNVD-202104-735 |
CVE-2021-28437 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28437 |
| 71 |
Microsoft Visual Studio 权限许可和访问控制问题漏洞 |
CNNVD-202104-736 |
CVE-2021-27064 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27064 |
| 72 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-737 |
CVE-2021-28435 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28435 |
| 73 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-738 |
CVE-2021-28436 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28436 |
| 74 |
Microsoft Windows 10和Windows 权限许可和访问控制问题漏洞 |
CNNVD-202104-811 |
CVE-2021-28347 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28347 |
| 75 |
Microsoft Excel 信息泄露漏洞 |
CNNVD-202104-830 |
CVE-2021-28456 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28456 |
| 76 |
Microsoft Azure DevOps Server 信息泄露漏洞 |
CNNVD-202104-848 |
CVE-2021-27067 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27067 |
| 77 |
Microsoft windows 信息泄露漏洞 |
CNNVD-202104-850 |
CVE-2021-28328 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28328 |
| 78 |
Azure ms-rest-nodeauth 安全漏洞 |
CNNVD-202104-856 |
CVE-2021-28458 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28458 |
| 79 |
Microsoft Windows 10和Windows 输入验证错误漏洞 |
CNNVD-202104-857 |
CVE-2021-28326 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28326 |
| 80 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-859 |
CVE-2021-28325 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28325 |
| 81 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-862 |
CVE-2021-28324 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28324 |
| 82 |
Microsoft多款产品 权限许可和访问控制问题漏洞 |
CNNVD-202104-867 |
CVE-2021-28321 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28321 |
| 83 |
Microsoft Windows NTFS 安全漏洞 |
CNNVD-202104-869 |
CVE-2021-27096 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27096 |
| 84 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-870 |
CVE-2021-28322 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28322 |
| 85 |
Windows 安全漏洞 |
CNNVD-202104-871 |
CVE-2021-28319 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28319 |
| 86 |
Windows 安全漏洞 |
CNNVD-202104-873 |
CVE-2021-26413 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26413 |
| 87 |
Diagnostics Hub Standard Collector Service 安全漏洞 |
CNNVD-202104-874 |
CVE-2021-28313 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28313 |
| 88 |
Microsoft Windows和Windows Installer 权限许可和访问控制问题漏洞 |
CNNVD-202104-876 |
CVE-2021-26415 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26415 |
| 89 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-877 |
CVE-2021-28318 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28318 |
| 90 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-878 |
CVE-2021-28309 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28309 |
| 91 |
Microsoft Windows Codecs 信息泄露漏洞 |
CNNVD-202104-879 |
CVE-2021-28317 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28317 |
| 92 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-880 |
CVE-2021-28311 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28311 |
| 93 |
Microsoft Windows kernel 信息泄露漏洞 |
CNNVD-202104-884 |
CVE-2021-27093 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27093 |
| 94 |
Microsoft Windows 安全特征问题漏洞 |
CNNVD-202104-886 |
CVE-2021-28316 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28316 |
| 95 |
RPC 安全漏洞 |
CNNVD-202104-887 |
CVE-2021-27091 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27091 |
| 96 |
Microsoft Azure 安全漏洞 |
CNNVD-202104-888 |
CVE-2021-27092 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27092 |
| 97 |
Microsoft Windows 权限许可和访问控制问题漏洞 |
CNNVD-202104-889 |
CVE-2021-27090 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27090 |
| 98 |
Microsoft Windows 安全漏洞 |
CNNVD-202104-890 |
CVE-2021-27088 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27088 |
| 99 |
Microsoft Windows 10和Windows 权限许可和访问控制问题漏洞 |
CNNVD-202104-891 |
CVE-2021-27086 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27086 |
| 100 |
Microsoft Win32k 权限许可和访问控制问题漏洞 |
CNNVD-202104-893 |
CVE-2021-27072 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27072 |
| 101 |
Microsoft Windows Hyper-V和Windows 权限许可和访问控制问题漏洞 |
CNNVD-202104-896 |
CVE-2021-28314 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28314 |
| 102 |
Microsoft Windows Hyper-V和Windows 输入验证错误漏洞 |
CNNVD-202104-897 |
CVE-2021-26416 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26416 |
| 103 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-899 |
CVE-2021-27079 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27079 |
| 104 |
Microsoft Windows DNS 信息泄露漏洞 |
CNNVD-202104-908 |
CVE-2021-28323 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28323 |
| 105 |
Microsoft Azure DevOps Server 安全漏洞 |
CNNVD-202104-911 |
CVE-2021-28459 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28459 |
| 106 |
Microsoft Windows 信息泄露漏洞 |
CNNVD-202104-936 |
CVE-2021-26417 |
中危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26417 |
| 107 |
Microsoft Windows NTFS 安全漏洞 |
CNNVD-202104-866 |
CVE-2021-28312 |
低危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28312 |
| 108 |
Microsoft Windows 安全特征问题漏洞 |
CNNVD-202104-882 |
CVE-2021-27094 |
低危 |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27094 |
三、修复建议
目前,微软官方已经发布补丁修复了上述漏洞,建议用户及时确认漏洞影响,尽快采取修补措施。微软官方补丁下载地址:
https://msrc.microsoft.com/update-guide/en-us
CNNVD将继续跟踪上述漏洞的相关情况,及时发布相关信息。如有需要,可与CNNVD联系。联系方式: [email protected]
评论