微软6月补丁日多个产品高危漏洞
来源:scanv2020.06.10一 漏洞概述
2020年6月,微软共发布129个漏洞的补丁程序,影响较大的漏洞如下,其中, CVE-2020-1284、CVE-2020-1207、CVE-2020-1247、CVE-2020-1251、CVE-2020-1253、CVE-2020-1241、CVE-2020-1213、CVE-2020-1216、CVE-2020-1260、CVE-2020-1214、CVE-2020-1215、CVE-2020-1230、CVE-2020-1206、 CVE-2020-1219、CVE-2020-1301被微软标记为“Exploitation More Likely”,这些漏洞更容易被利用。
CVE-2020-1301 SMB远程代码执行漏洞:
Microsoft Server Message Block 1.0 (SMBv1)服务器在处理特定的请求时,存在一个远程代码执行漏洞。经过身份验证的攻击者可通过向目标SMBv1服务器发特制数据包来利用此漏洞,成功利用此漏洞的远程攻击者可在目标系统上以该用户权限执行任意代码。
注意:此漏洞被微软标记为Exploitation More Likely”,说明其很可能很容易被利用。
CVE-2020-1284 SMB拒绝服务漏洞:
Microsoft SMB服务器在处理特定的请求时,存在远程代码执行漏洞。攻击者可通过向目标SMB服务器发特制请求包来利用此漏洞,成功利用此漏洞可导致目标系统拒绝服务。此拒绝服务漏洞不会使攻击者执行代码或提升权限,但是会导致目标系统停止接收请求。
CVE-2020-1181 Microsoft SharePoint 远程代码执行漏洞:
Microsoft SharePoint服务器无法识别和过滤不安全的ASP.NET Web控件,存在一个远程代码执行漏洞。经过身份验证的攻击者可通过在受影响的Microsoft SharePoint 服务器上创建并调用特制页面来利用此漏洞,成功利用此漏洞的远程攻击者可使用特制页面在SharePoint应用程序池进程的安全上下文中执行代码。
Win32k权限提升漏洞:
Windows kernel-mode driver在处理内存中的对象时,存在4个权限提升漏洞(CVE-2020-1207、CVE-2020-1247、CVE-2020-1251、CVE-2020-1253)。攻击者可通过登陆目标系统并运行特制程序来利用此漏洞,成功利用此漏洞的攻击者可在目标系统内核模式下运行任意代码。
CVE-2020-1206 Windows SMBv3 Client/Server信息泄露漏洞:
Microsoft Server Message Block 3.1.1 (SMBv3)协议在处理特定的请求时,存在一个信息泄露漏洞。未经身份验证的攻击者可通过向目标SMB服务器发特制数据包来利用此漏洞,或配置一个恶意的 SMBv3 服务器并诱导用户连接来利用此漏洞。成功利用此漏洞的远程攻击者可获取敏感信息。
CVE-2020-1206的POC疑似在GitHub公开,且相关细节释出。
CVE-2020-1241 Windows内核安全特性绕过漏洞:
Microsoft 内核在sanitize特定参数时,存在一个安全特性绕过漏洞。经过身份验证的本地攻击者可通过在目标系统上运行特制程序来利用此漏洞。
VBScript脚本引擎远程代码执行漏洞:
VBScript引擎在处理内存中的对象时,存在6个远程代码执行漏洞(3个严重:CVE-2020-1213、CVE-2020-1216、CVE-2020-1260;3个重要:CVE-2020-1214、CVE-2020-1215、CVE-2020-1230)。攻击者可通过诱导用户访问特制网站或通过诱导用户打开嵌入标记为“初始化安全”的ActiveX控件的应用程序或Microsoft Office文档等方式来利用此漏洞,攻击者还可以通过攻击脆弱网站、向内容或广告服务提供商添加特制内容来利用此漏洞。成功利用此漏洞的远程攻击者可在目标系统上以该用户权限执行任意代码。
CVE-2020-1219 Microsoft 浏览器内存破坏漏洞:
Microsoft 浏览器在处理内存中的对象时,存在一个远程代码执行漏洞。攻击者可通过构造特制的站点、攻击脆弱网站、向内容或广告服务提供商添加特制内容,并诱导用户访问来利用此漏洞,成功利用此漏洞的远程攻击者可在目标系统上以该用户权限执行任意代码。
CVE-2020-1299 LNK远程代码执行漏洞:
Microsoft Windows在处理.LNK文件时,存在远程代码执行漏洞。攻击者可通过诱导用户打开包含恶意.LNK文件的可移动驱动器或远程共享来利用此漏洞,成功利用此漏洞的远程攻击者可在目标系统上以该用户权限执行任意代码。
CVE-2020-1281 Windows OLE远程代码执行漏洞:
Windows OLE 在验证用户输入时,存在远程代码执行漏洞。攻击者可通过并诱导用户打开网页或邮件中的特制文件或程序来利用此漏洞,成功利用此漏洞的远程攻击者可在目标系统上执行任意代码。
CVE-2020-1300 Windows 远程代码执行漏洞:
Microsoft Windows在处理Cabinet文件时,存在远程代码执行漏洞。攻击者可通过诱导用户打开特制的Cabinet文件或诱导用户安装伪装成打印机驱动程序的恶意Cabinet文件来利用此漏洞。
CVE-2020-1286 Windows Shell远程代码执行漏洞:
Windows Shell在验证文件路径时,存在远程代码执行漏洞。攻击者可通过构造特制的站点、攻击脆弱网站并向其添加特制内容,并诱导用户访问来利用此漏洞,成功利用此漏洞的远程攻击者可在目标系统上以该用户权限执行任意代码。
二 影响版本
对于CVE编号为CVE-2020-1301的漏洞,影响版本为:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
对于CVE编号为CVE-2020-1206的漏洞,影响版本为:
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
对于CVE编号为CVE-2020-1181的漏洞,影响版本为:
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Foundation 2010 Service Pack 2
Microsoft SharePoint Foundation 2013 Service Pack 1
Microsoft SharePoint Server 2019
对于CVE编号为CVE-2020-1207的漏洞,影响版本为:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
对于CVE编号为CVE-2020-1247的漏洞,影响版本为:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
对于CVE编号为CVE-2020-1251的漏洞,影响版本为:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
对于CVE编号为CVE-2020-1253的漏洞,影响版本为:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
对于CVE编号为CVE-2020-1241的漏洞,影响版本为:
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for x64-based Systems
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
对于CVE编号为CVE-2020-1213的漏洞,影响版本为:
Internet Explorer 11 on Windows 10 for 32-bit Systems
Internet Explorer 11 on Windows 10 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows 8.1 for 32-bit systems
Internet Explorer 11 on Windows 8.1 for x64-based systems
Internet Explorer 11 on Windows RT 8.1
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows Server 2012
Internet Explorer 11 on Windows Server 2012 R2
Internet Explorer 11 on Windows Server 2016
Internet Explorer 11 on Windows Server 2019
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2
Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2
对于CVE编号为CVE-2020-1216的漏洞,影响版本为:
Internet Explorer 11 on Windows 10 for 32-bit Systems
Internet Explorer 11 on Windows 10 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows 8.1 for 32-bit systems
Internet Explorer 11 on Windows 8.1 for x64-based systems
Internet Explorer 11 on Windows RT 8.1
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows Server 2012
Internet Explorer 11 on Windows Server 2012 R2
Internet Explorer 11 on Windows Server 2016
Internet Explorer 11 on Windows Server 2019
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2
Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2
对于CVE编号为CVE-2020-1260的漏洞,影响版本为:
Internet Explorer 11 on Windows 10 for 32-bit Systems
Internet Explorer 11 on Windows 10 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows 8.1 for 32-bit systems
Internet Explorer 11 on Windows 8.1 for x64-based systems
Internet Explorer 11 on Windows RT 8.1
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows Server 2012
Internet Explorer 11 on Windows Server 2012 R2
Internet Explorer 11 on Windows Server 2016
Internet Explorer 11 on Windows Server 2019
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2
Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2
对于CVE编号为CVE-2020-1214的漏洞,影响版本为:
Internet Explorer 11 on Windows 10 for 32-bit Systems
Internet Explorer 11 on Windows 10 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows 8.1 for 32-bit systems
Internet Explorer 11 on Windows 8.1 for x64-based systems
Internet Explorer 11 on Windows RT 8.1
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows Server 2012
Internet Explorer 11 on Windows Server 2012 R2
Internet Explorer 11 on Windows Server 2016
Internet Explorer 11 on Windows Server 2019
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2
Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2
对于CVE编号为CVE-2020-1215的漏洞,影响版本为:
Internet Explorer 11 on Windows 10 for 32-bit Systems
Internet Explorer 11 on Windows 10 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows 8.1 for 32-bit systems
Internet Explorer 11 on Windows 8.1 for x64-based systems
Internet Explorer 11 on Windows RT 8.1
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows Server 2012
Internet Explorer 11 on Windows Server 2012 R2
Internet Explorer 11 on Windows Server 2016
Internet Explorer 11 on Windows Server 2019
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2
Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2
对于CVE编号为CVE-2020-1230的漏洞,影响版本为:
Internet Explorer 11 on Windows 10 for 32-bit Systems
Internet Explorer 11 on Windows 10 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows 8.1 for 32-bit systems
Internet Explorer 11 on Windows 8.1 for x64-based systems
Internet Explorer 11 on Windows RT 8.1
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows Server 2012
Internet Explorer 11 on Windows Server 2012 R2
Internet Explorer 11 on Windows Server 2016
Internet Explorer 11 on Windows Server 2019
Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2
Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2
对于CVE编号为CVE-2020-1219的漏洞,影响版本为:
Internet Explorer 11 on Windows 10 for 32-bit Systems
Internet Explorer 11 on Windows 10 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems
Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems
Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems
Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems
Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1
Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows 8.1 for 32-bit systems
Internet Explorer 11 on Windows 8.1 for x64-based systems
Internet Explorer 11 on Windows RT 8.1
Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1
Internet Explorer 11 on Windows Server 2012
Internet Explorer 11 on Windows Server 2012 R2
Internet Explorer 11 on Windows Server 2016
Internet Explorer 11 on Windows Server 2019
Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for 32-bit Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for ARM64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for x64-based Systems
Microsoft Edge (EdgeHTML-based) on Windows Server 2016
Microsoft Edge (EdgeHTML-based) on Windows Server 2019
对于CVE编号为CVE-2020-1299的漏洞,影响版本为:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
对于CVE编号为CVE-2020-1281的漏洞,影响版本为:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
对于CVE编号为CVE-2020-1300的漏洞,影响版本为:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
对于CVE编号为CVE-2020-1286的漏洞,影响版本为:
Windows 10 Version 1709 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
对于CVE编号为CVE-2020-1284的漏洞,影响版本为:
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
三 复现过程
无
四 影响范围
根据 ZoomEye 网络空间搜索引擎对关键字 “Microsoft” 进行搜索,共得到 116,554,232 条 IP 历史记录,主要分布在美国、中国等国家。
五 修复建议
请参考以下链接尽快修复
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1301
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1284
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1206
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1181
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1207
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1247
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1251
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1253
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1241
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1213
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1216
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1260
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1214
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1215
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1230
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1219
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1299
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1281
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1300
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1286
六 时间线
官方发布漏洞修复通告时间:2020年6月9日
知道创宇发布漏洞情报时间:2020年6月10日
七 相关链接
微软:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1301
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1284
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1206
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1181
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1207
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1247
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1251
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1253
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1241
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1213
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1216
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1260
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1214
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1215
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1230
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1219
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1299
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1281
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1300
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1286
ZoomEye 网络空间搜索引擎:
https://www.zoomeye.org/searchResult?q=app%3A%22Microsoft%22
热门文章
IBM官方发布WebSphere Application Server XXE漏洞(CVE-2020-4643)
2020年09月17日,IBM发布安全公告,WebSphere Application Server中存在一个安全漏洞,该漏洞是由于WebSphere Application Server在处理XML数据时容易受到XML外部实体注入(XXE)攻击。
FastAdmin远程代码执行0day漏洞(暂无编号)
2020年9月22日,FastAdmin远程代码执行漏洞细节曝光,黑客登录前台会员中心,即可远程GetShell,风险极大。
VMware官方发布Spring Framework反射型文件下载漏洞(CVE-2020-5421)
2020年9月17日,VMware发布安全公告,在Spring Framework版本5.2.0-5.2.8、5.1.0-5.1.17、5.0.0-5.0.18、4.3.0-4.3.28和较旧的不受支持的版本中,发现了一个存在于Spring Framework中的反射型文件下载(Reflected File Download,RFD)漏洞(CVE-2020-5421)。
关注知道创宇云安全
获取安全动态