Microsoft | 11Ô¶à¸ö²úÆ··ì϶¹«¸æ

°ä²¼¹¦·ò 2020-11-11

0x00 ·ì϶¸ÅÊö

2020Äê11ÔÂ10ÈÕÐÇÆÚ¶þ £¬£¬£¬£¬£¬£¬ £¬£¬Microsoft°ä²¼ÁË11Ô·ݵݲȫ¸üР£¬£¬£¬£¬£¬£¬ £¬£¬±¾´Î°ä²¼µÄ°²È«²¹¶¡¹²¼Æ112¸ö £¬£¬£¬£¬£¬£¬ £¬£¬ÆäÖÐÓÐ17¸ö·ì϶ÆÀ¼¶ÎªÑϳÁ £¬£¬£¬£¬£¬£¬ £¬£¬93¸ö·ì϶ÆÀ¼¶Îª¸ßΣ £¬£¬£¬£¬£¬£¬ £¬£¬2¸ö·ì϶ÆÀ¼¶ÎªµÍΣ¡£¡£¡£ ¡£¡£¡£¡£ÔÚÕâ´Î°ä²¼µÄ17¸ö¹Ø¼ü²¹¶¡ÖÐ £¬£¬£¬£¬£¬£¬ £¬£¬ÆäÖÐÓÐ12¸ö·ì϶ΪԶ³Ì´úÂëÖ´Ðзì϶¡£¡£¡£ ¡£¡£¡£¡£

 

0x01 ·ì϶ÏêÇé

 

image.png

´Ó11Եݲȫ²¼¸æÆðÍ· £¬£¬£¬£¬£¬£¬ £¬£¬Microsoftɾ³ýÁËCVE¸ÅÊöµÄÃèÊö²¿ÃÅ¡£¡£¡£ ¡£¡£¡£¡£Î¢ÈíÔÚÖÜÒ»°ä·¢ £¬£¬£¬£¬£¬£¬ £¬£¬Ëü½«Ê¹ÓÃÐÐÒµ³ß¶È £¬£¬£¬£¬£¬£¬ £¬£¬¼´Í¨Ó÷ì϶ÆÀ·Öϵͳ£¨CVSS£©À´ÎªPatch Tuesday£¨Î¢ÈíÖܶþ²¹¶¡ÈÕ£©µÄ°²È«²¼¸æÌṩ·ì϶ÐÅÏ¢¡£¡£¡£ ¡£¡£¡£¡£

΢Èí±¾´Î°ä²¼µÄ°²È«¸üÐÂÖÐ £¬£¬£¬£¬£¬£¬ £¬£¬ÊÜÓ°ÏìµÄ²úÆ·ºÍ×é¼þÔ̺¬£ºMicrosoft Windows¡¢Office¡¢Internet Explorer¡¢Edge (EdgeHTML and Chromium)¡¢ ChakraCore¡¢ Exchange Server¡¢Dynamics¡¢Windows Codecs Library¡¢ Azure Sphere¡¢ Windows Defender¡¢Teams¡¢Azure SDK¡¢Azure DevOpsºÍVisual Studio¡£¡£¡£ ¡£¡£¡£¡£ÏêÇéÈçÏ£º

 

²úÆ·

CVE   ID

·ìϼûû³Æ

ÑϳÁˮƽ

Azure   DevOps

CVE-2020-1325

Azure DevOps·þÎñÆ÷ºÍTeam Foundation ServicesºýŪ·ì϶

¸ßΣ

Azure   Sphere

CVE-2020-16985

Azure SphereÐÅϢй¶·ì϶

¸ßΣ

Azure   Sphere

CVE-2020-16986

Azure Sphere»Ø¾ø·þÎñ·ì϶

¸ßΣ

Azure   Sphere

CVE-2020-16987

Azure SphereδÊðÃû´úÂëÖ´Ðзì϶

¸ßΣ

Azure   Sphere

CVE-2020-16984

Azure SphereδÊðÃû´úÂëÖ´Ðзì϶

¸ßΣ

Azure   Sphere

CVE-2020-16981

Azure SphereȨÏÞÌáÉý·ì϶

¸ßΣ

Azure   Sphere

CVE-2020-16982

Azure SphereδÊðÃû´úÂëÖ´Ðзì϶

¸ßΣ

Azure   Sphere

CVE-2020-16983

Azure Sphere´Û¸Ä·ì϶

¸ßΣ

Azure   Sphere

CVE-2020-16988

Azure SphereȨÏÞÌáÉý·ì϶

ÑϳÁ

Azure   Sphere

CVE-2020-16993

Azure SphereȨÏÞÌáÉý·ì϶

¸ßΣ

Azure   Sphere

CVE-2020-16994

Azure SphereδÊðÃû´úÂëÖ´Ðзì϶

¸ßΣ

Azure   Sphere

CVE-2020-16970

Azure SphereδÊðÃû´úÂëÖ´Ðзì϶

¸ßΣ

Azure   Sphere

CVE-2020-16992

Azure SphereȨÏÞÌáÉý·ì϶

¸ßΣ

Azure   Sphere

CVE-2020-16989

Azure SphereȨÏÞÌáÉý·ì϶

¸ßΣ

Azure   Sphere

CVE-2020-16990

Azure SphereÐÅϢй¶·ì϶

¸ßΣ

Azure   Sphere

CVE-2020-16991

Azure SphereδÊðÃû´úÂëÖ´Ðзì϶

¸ßΣ

Common   Log File System Driver

CVE-2020-17088

WindowsͨÓÃÈÕÖ¾ÎļþϵͳÇý¶¯·¨Ê½È¨ÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Browsers

CVE-2020-17058

Microsoftä¯ÀÀÆ÷ÄÚ´æ°Ü»µ·ì϶

ÑϳÁ

Microsoft   Dynamics

CVE-2020-17005

Microsoft   Dynamics 365£¨±¾µØ£©¿çÕ¾µã¾ç±¾·ì϶

¸ßΣ

Microsoft   Dynamics

CVE-2020-17018

Microsoft   Dynamics 365£¨±¾µØ£©¿çÕ¾µã¾ç±¾·ì϶

¸ßΣ

Microsoft   Dynamics

CVE-2020-17021

Microsoft   Dynamics 365£¨±¾µØ£©¿çÕ¾µã¾ç±¾·ì϶

¸ßΣ

Microsoft   Dynamics

CVE-2020-17006

Microsoft   Dynamics 365£¨±¾µØ£©¿çÕ¾µã¾ç±¾·ì϶

¸ßΣ

Microsoft   Exchange Server

CVE-2020-17083

Microsoft   Exchange ServerÔ¶³Ì´úÂëÖ´Ðзì϶

¸ßΣ

Microsoft   Exchange Server

CVE-2020-17085

Microsoft   Exchange Server»Ø¾ø·þÎñ·ì϶

¸ßΣ

Microsoft   Exchange Server

CVE-2020-17084

Microsoft   Exchange ServerÔ¶³Ì´úÂëÖ´Ðзì϶

¸ßΣ

Microsoft   Graphics Component

CVE-2020-16998

DirectXȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Graphics Component

CVE-2020-17029

Windows   CanonicalÏÔʾÇý¶¯·¨Ê½ÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Graphics Component

CVE-2020-17004

WindowsͼÐÎ×é¼þÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Graphics Component

CVE-2020-17038

Win32kȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Graphics Component

CVE-2020-17068

Windows GDI +Ô¶³Ì´úÂëÖ´Ðзì϶

¸ßΣ

Microsoft   Office

CVE-2020-17065

Microsoft   ExcelÔ¶³Ì´úÂëÖ´Ðзì϶

¸ßΣ

Microsoft   Office

CVE-2020-17064

Microsoft   ExcelÔ¶³Ì´úÂëÖ´Ðзì϶

¸ßΣ

Microsoft   Office

CVE-2020-17066

Microsoft   ExcelÔ¶³Ì´úÂëÖ´Ðзì϶

¸ßΣ

Microsoft   Office

CVE-2020-17019

Microsoft   ExcelÔ¶³Ì´úÂëÖ´Ðзì϶

¸ßΣ

Microsoft   Office

CVE-2020-17067

Microsoft   Excel°²È«Ö°ÄÜÈƹý·ì϶

¸ßΣ

Microsoft   Office

CVE-2020-17062

Microsoft   Office AccessÏνÓÒýÇæÔ¶³Ì´úÂëÖ´Ðзì϶

¸ßΣ

Microsoft   Office

CVE-2020-17063

Microsoft   Office OnlineºýŪ·ì϶

¸ßΣ

Microsoft   Office

CVE-2020-17020

Microsoft Word°²È«Ö°ÄÜÈƹý·ì϶

¸ßΣ

Microsoft   Office SharePoint

CVE-2020-17016

Microsoft   SharePointºýŪ·ì϶

¸ßΣ

Microsoft   Office SharePoint

CVE-2020-16979

Microsoft   SharePointÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Office SharePoint

CVE-2020-17015

Microsoft   SharePointºýŪ·ì϶

µÍΣ

Microsoft   Office SharePoint

CVE-2020-17017

Microsoft SharePointÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Office SharePoint

CVE-2020-17061

Microsoft   SharePointÔ¶³Ì´úÂëÖ´Ðзì϶

¸ßΣ

Microsoft   Office SharePoint

CVE-2020-17060

Microsoft   SharePointºýŪ·ì϶

¸ßΣ

Microsoft   Scripting Engine

CVE-2020-17048

Chakra¾ç±¾ÒýÇæÄÚ´æ°Ü»µ·ì϶

ÑϳÁ

Microsoft   Scripting Engine

CVE-2020-17053

Internet   ExplorerÄÚ´æ°Ü»µ·ì϶

ÑϳÁ

Microsoft   Scripting Engine

CVE-2020-17052

¾ç±¾ÒýÇæÄÚ´æ°Ü»µ·ì϶

ÑϳÁ

Microsoft   Scripting Engine

CVE-2020-17054

Chakra¾ç±¾ÒýÇæÄÚ´æ°Ü»µ·ì϶

¸ßΣ

Microsoft   Teams

CVE-2020-17091

Microsoft   TeamsÔ¶³Ì´úÂëÖ´Ðзì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17032

WindowsÔ¶³Ì½Ó¼ûȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17033

WindowsÔ¶³Ì½Ó¼ûȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17026

WindowsÔ¶³Ì½Ó¼ûȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17031

WindowsÔ¶³Ì½Ó¼ûȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17027

WindowsÔ¶³Ì½Ó¼ûȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17030

Windows MSCTF   ServerÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17028

WindowsÔ¶³Ì½Ó¼ûȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17044

WindowsÔ¶³Ì½Ó¼ûȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17045

Windows   KernelStreamÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17046

WindowsÃýÎó»ã±¨»Ø¾ø·þÎñ·ì϶

µÍΣ

Microsoft   Windows

CVE-2020-17043

WindowsÔ¶³Ì½Ó¼ûȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17042

Windows Print   SpoolerÔ¶³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

Microsoft   Windows

CVE-2020-17041

Windows´òÓ¡ÅäÖÃȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17034

WindowsÔ¶³Ì½Ó¼ûȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17049

Kerberos°²È«Ö°ÄÜÈƹý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17051

WindowsÍøÂçÎļþϵͳԶ³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

Microsoft   Windows

CVE-2020-17040

Windows   Hyper-V°²È«Ö°ÄÜÈƹý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17047

WindowsÍøÂçÎļþϵͳ»Ø¾ø·þÎñ·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17036

WindowsÖ°ÄÜ·¢ÏÖSSDPÌṩ·¨Ê½ÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17000

Ô¶³Ì×ÀÃæºÍ̸¿Í»§¶ËÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-1599

WindowsºýŪ·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-16997

Ô¶³Ì×ÀÃæºÍ̸·þÎñÆ÷ÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17001

Windows Print   SpoolerȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17057

Windows Win32kȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17056

WindowsÍøÂçÎļþϵͳÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17055

WindowsÔ¶³Ì½Ó¼ûȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17010

Win32kȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17007

WindowsÃýÎó»ã±¨È¨ÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17014

Windows Print   SpoolerȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17025

WindowsÔ¶³Ì½Ó¼ûȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17024

Windows¿Í»§¶ËäÖȾ´òÓ¡Ìṩ·¨Ê½È¨ÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17013

Win32kÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17011

Windows¶Ë¿ÚÀà¿âȨÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows

CVE-2020-17012

Windows°ó¶¨É¸Ñ¡Æ÷Çý¶¯·¨Ê½È¨ÏÞÌáÉý·ì϶

¸ßΣ

Microsoft   Windows Codecs Library

CVE-2020-17106

HEVCÊÓÆ·©Õ¹Ô¶³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

Microsoft   Windows Codecs Library

CVE-2020-17101

HEIF Image   ExtensionsÔ¶³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

Microsoft   Windows Codecs Library

CVE-2020-17105

AV1ÊÓÆ·©Õ¹Ô¶³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

Microsoft   Windows Codecs Library

CVE-2020-17102

WebPͼÏñÀ©´óÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Windows Codecs Library

CVE-2020-17082

Raw Image   ExtensionÔ¶³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

Microsoft   Windows Codecs Library

CVE-2020-17086

Raw Image   ExtensionÔ¶³Ì´úÂëÖ´Ðзì϶

¸ßΣ

Microsoft   Windows Codecs Library

CVE-2020-17081

Microsoft Raw   Image ExtensionÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Windows Codecs Library

CVE-2020-17079

Raw Image   ExtensionÔ¶³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

Microsoft   Windows Codecs Library

CVE-2020-17078

Raw Image   ExtensionÔ¶³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

Microsoft   Windows Codecs Library

CVE-2020-17107

HEVCÊÓÆ·©Õ¹Ô¶³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

Microsoft   Windows Codecs Library

CVE-2020-17110

HEVCÊÓÆ·©Õ¹Ô¶³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

Microsoft   Windows Codecs Library

CVE-2020-17113

Windows Camera±à½âÂëÆ÷ÐÅϢй¶·ì϶

¸ßΣ

Microsoft   Windows Codecs Library

CVE-2020-17108

HEVCÊÓÆ·©Õ¹Ô¶³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

Microsoft   Windows Codecs Library

CVE-2020-17109

HEVCÊÓÆ·©Õ¹Ô¶³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

Visual   Studio

CVE-2020-17104

Visual Studio   Code JSHintÀ©´óÔ¶³Ì´úÂëÖ´Ðзì϶

¸ßΣ

Visual   Studio

CVE-2020-17100

Visual Studio´Û¸Ä·ì϶

¸ßΣ

Windows   Defender

CVE-2020-17090

Microsoft   Defender for Endpoint SecurityÖ°ÄÜÈƹý·ì϶

¸ßΣ

Windows   Kernel

CVE-2020-17035

WindowsÄÚºËȨÏÞÌáÉý·ì϶

¸ßΣ

Windows   Kernel

CVE-2020-17087

WindowsÄں˱¾µØȨÏÞÌáÉý·ì϶

¸ßΣ

Windows   NDIS

CVE-2020-17069

Windows NDISÐÅϢй¶·ì϶

¸ßΣ

Windows   Update Stack

CVE-2020-17074

Windows Update   Orchestrator·þÎñȨÏÞÌáÉý·ì϶

¸ßΣ

Windows   Update Stack

CVE-2020-17073

Windows Update   Orchestrator·þÎñȨÏÞÌáÉý·ì϶

¸ßΣ

Windows   Update Stack

CVE-2020-17071

Windows   Delivery OptimizationÐÅϢй¶·ì϶

¸ßΣ

Windows   Update Stack

CVE-2020-17075

Windows USO   Core WorkerȨÏÞÌáÉý·ì϶

¸ßΣ

Windows   Update Stack

CVE-2020-17070

Windows Update   Medic·þÎñȨÏÞÌáÉý·ì϶

¸ßΣ

Windows   Update Stack

CVE-2020-17077

Windows Update²Ö¿âȨÏÞÌáÉý·ì϶

¸ßΣ

Windows   Update Stack

CVE-2020-17076

Windows Update   Orchestrator·þÎñȨÏÞÌáÉý·ì϶

¸ßΣ

Windows   WalletService

CVE-2020-16999

Windows   WalletServiceÐÅϢй¶·ì϶

¸ßΣ

Windows   WalletService

CVE-2020-17037

Windows   WalletServiceȨÏÞÌáÉý·ì϶

¸ßΣ

  

±¾´Î°ä²¼µÄ°²È«¸üÐÂÖÐ £¬£¬£¬£¬£¬£¬ £¬£¬²¿ÃÅÑϳÁ·ì϶ÈçÏ£º

Windows NFSÔ¶³Ì´úÂëÖ´Ðзì϶£¨CVE-2020-17051£©

Windows NFSÊÇÒ»ÖÖÍøÂçÎļþϵͳ £¬£¬£¬£¬£¬£¬ £¬£¬Óû§Äܹ»Í¨¹ýNFS½Ó¼ûÍøÂçÉϵÄÎļþ²¢½«ËüÃÇÏñ±¾µØÎļþÒ»Ñù²Ù×÷¡£¡£¡£ ¡£¡£¡£¡£¹¥»÷ÕßÄܹ»ÀûÓô˷ì϶À´½Ó¼ûϵͳ £¬£¬£¬£¬£¬£¬ £¬£¬²¢Ô¶³ÌÖ´ÐжñÒâ´úÂë¡£¡£¡£ ¡£¡£¡£¡£¸Ã·ì϶CVSSÆÀ·Ö9.8¡£¡£¡£ ¡£¡£¡£¡£

·ì϶ÏêÇéÈçÏ£º

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17051

 

Windows cng.sysȨÏÞÌáÉý·ì϶£¨CVE-2020-17087£©

¸Ã·ì϶µÄϸ½ÚÒÑÔÚ֮ǰÅû¶¡£¡£¡£ ¡£¡£¡£¡£

ÏêÇéÈçÏ£º

/new_type/aqtg/20201102/22021.html

 

0x02 ´ëÖý¨Òé

Ä¿Ç°MicrosoftÒÑ°ä²¼°²È«¸üР£¬£¬£¬£¬£¬£¬ £¬£¬½¨ÒéʵʱװÖÃÓйز¹¶¡¡£¡£¡£ ¡£¡£¡£¡£

£¨Ò»£© Windows update¸üÐÂ

×Ô¶¯¸üУº

Microsoft UpdateĬÈÏÆôÓà £¬£¬£¬£¬£¬£¬ £¬£¬µ±ÏµÍ³¼ì²âµ½¿ÉÓøüÐÂʱ £¬£¬£¬£¬£¬£¬ £¬£¬½«»á×Ô¶¯ÏÂÔظüв¢±ÉÈËÒ»´ÎÆô¶¯Ê±×°Öᣡ£¡£ ¡£¡£¡£¡£

ÊÖ¶¯¸üУº

1¡¢µã»÷¡°ÆðÍ·²Ëµ¥¡±»ò°´Windows¿ì½Ý¼ü £¬£¬£¬£¬£¬£¬ £¬£¬µã»÷½øÈë¡°ÉèÖá±

2¡¢Ñ¡Ôñ¡°¸üкͰ²È«¡± £¬£¬£¬£¬£¬£¬ £¬£¬½øÈë¡°Windows¸üС±£¨Windows 8¡¢Windows 8.1¡¢Windows Server 2012ÒÔ¼°Windows Server 2012 R2¿Éͨ¹ý½ÚÔìÃæ°å½øÈë¡°Windows¸üС± £¬£¬£¬£¬£¬£¬ £¬£¬¾ßÌå²½ÖèΪ¡°½ÚÔìÃæ°å¡±->¡°ÏµÍ³ºÍ°²È«¡±->¡°Windows¸üС±£©

3¡¢Ñ¡Ôñ¡°²é³­¸üС± £¬£¬£¬£¬£¬£¬ £¬£¬ÆÚ´ýϵͳ½«×Ô¶¯²é³­²¢ÏÂÔØ¿ÉÓøüС£¡£¡£ ¡£¡£¡£¡£

4¡¢³ÁÆôÍÆËã»ú £¬£¬£¬£¬£¬£¬ £¬£¬×°ÖøüÐÂϵͳ³ÁÐÂÆô¶¯ºó £¬£¬£¬£¬£¬£¬ £¬£¬¿Éͨ¹ý½øÈë¡°Windows¸üС±->¡°²é¿´¸üк¹Çà¼Í¼¡±²é¿´ÊÇ·ñ³É¹¦×°ÖÃÁ˸üС£¡£¡£ ¡£¡£¡£¡£¶ÔÓÚûÓгɹ¦×°ÖõĸüР£¬£¬£¬£¬£¬£¬ £¬£¬Äܹ»µã»÷¸Ã¸üÐÂÃû³Æ½øÈë΢Èí¹Ù·½¸üÐÂÃèÊöÁ´½Ó £¬£¬£¬£¬£¬£¬ £¬£¬µã»÷×îеÄSSUÃû³Æ²¢ÔÚÐÂÁ´½ÓÖеã»÷¡°Microsoft ¸üÐÂĿ¼¡± £¬£¬£¬£¬£¬£¬ £¬£¬¶øºóÔÚÐÂÁ´½Óµ±Ñ¡ÔñºÏÓÃÓÚÖ¸±êϵͳµÄ²¹¶¡½øÐÐÏÂÔز¢×°Öᣡ£¡£ ¡£¡£¡£¡£

 

£¨¶þ£© ÊÖ¶¯×°ÖøüÐÂ

΢Èí¹Ù·½ÏÂÔØÏàÓ¦²¹¶¡½øÐиüС£¡£¡£ ¡£¡£¡£¡£

ÏÂÔصØÖ·£º

https://msrc.microsoft.com/update-guide/en-us


0x03 ²Î¿¼Á´½Ó

https://msrc.microsoft.com/update-guide/en-us

https://threatpost.com/microsoft-patch-tuesday-critical-bugs/161098/

https://www.theregister.com/2020/11/11/patch_tuesday_updates/

 

0x04 ¹¦·òÏß

2020-11-10  Microsoft°ä²¼°²È«¸üÐÂ

2020-11-11  VSRC°ä²¼°²È«¹«¸æ

 

0x05 ¸½Â¼

 

CVSSÆÀ·Ö³ß¶È¹ÙÍø£ºhttp://www.first.org/cvss/

 

image.png