正在加载中...

网站公告

返回
微软“11月周二补丁日”发布53个windows漏洞补丁

万维景盛消息,美国时间2017年11月14日,微软发布11月度安全漏洞公告。本月的漏洞公告解决了53个漏洞,其中包括19个严重漏洞,31个重要和3个中度级别漏洞。这些漏洞影响:微软 Edge、IE浏览器,微软的脚本引擎等其他产品。其中浏览器产品(CVE-2017-11848、CVE-2017-11827)、ASP.NET (CVE-2017-8700)存在信息泄露风险,需要重点关注。

 

具体公告详情如下:

  • Internet Explorer

  • Microsoft Edge

  • Microsoft Windows

  • Microsoft Office and Microsoft Office Services and Web Apps

  • ASP.NET Core and .NET Core

  • Chakra Core

 

安全建议:

 

阿里云友情提示阿里云用户关注,并根据业务情况及时更新补丁,以提高服务器安全性。

1.建议用户打开Windows Update功能,然后点击“检查更新”按钮,根据业务情况下载安装相关安全补丁; 

2.安装完毕后重启服务器,检查系统运行情况。 

 

注意:在更新安装升级前,建议做好测试工作,并务必做好数据备份和快照,防止出现意外。

漏洞影响范围:

十一月发布的漏洞公告涉及到的微软产品:

  • Internet Explorer

  • Microsoft Edge

  • Microsoft Windows

  • Microsoft Office and Microsoft Office Services and Web Apps

  • ASP.NET Core and .NET Core

  • Chakra Core

严重漏洞

  • CVE-2017-11836 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11837 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11838 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11839 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11840 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11841 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11843 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11845 - Microsoft Edge Memory Corruption Vulnerability

  • CVE-2017-11846 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11855 - Internet Explorer Memory Corruption Vulnerability

  • CVE-2017-11856 - Internet Explorer Memory Corruption Vulnerability

  • CVE-2017-11858 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11861 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11862 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11866 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11869 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11870 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11871 - Scripting Engine Memory Corruption Vulnerability

  • CVE-2017-11873 - Scripting Engine Memory Corruption Vulnerability

高危漏洞

  • CVE-2017-11768 - Windows Media Player Information Disclosure Vulnerability

  • CVE-2017-11770 - ASP.NET Core Denial Of Service Vulnerability

  • CVE-2017-11788 - Windows Search Denial of Service Vulnerability

  • CVE-2017-11791 - Scripting Engine Information Disclosure Vulnerability

  • CVE-2017-11803 - Microsoft Edge Information Disclosure Vulnerability

  • CVE-2017-11827 - Microsoft Browser Memory Corruption Vulnerability

  • CVE-2017-11830 - Device Guard Security Feature Bypass Vulnerability

  • CVE-2017-11831 - Windows Information Disclosure Vulnerability

  • CVE-2017-11832 - Windows EOT Font Engine Information Disclosure Vulnerability

  • CVE-2017-11833 - Microsoft Edge Information Disclosure Vulnerability

  • CVE-2017-11834 - Scripting Engine Information Disclosure Vulnerability

  • CVE-2017-11835 - Windows EOT Font Engine Information Disclosure Vulnerability

  • CVE-2017-11842 - Windows Kernel Information Disclosure Vulnerability

  • CVE-2017-11844 - Microsoft Edge Information Disclosure Vulnerability

  • CVE-2017-11847 - Windows Kernel Elevation of Privilege Vulnerability

  • CVE-2017-11849 - Windows Kernel Information Disclosure Vulnerability

  • CVE-2017-11850 - Microsoft Graphics Component Information Disclosure Vulnerability

  • CVE-2017-11851 - Windows Kernel Information Disclosure Vulnerability

  • CVE-2017-11852 - Windows GDI Information Disclosure Vulnerability

  • CVE-2017-11853 - Windows Kernel Information Disclosure Vulnerability

  • CVE-2017-11854 - Microsoft Word Memory Corruption Vulnerability

  • CVE-2017-11863 - Microsoft Edge Security Feature Bypass Vulnerability

  • CVE-2017-11872 - Microsoft Edge Security Feature Bypass Vulnerability

  • CVE-2017-11874 - Microsoft Edge Security Feature Bypass Vulnerability

  • CVE-2017-11877 - Microsoft Excel Security Feature Bypass Vulnerability

  • CVE-2017-11878 - Microsoft Excel Memory Corruption Vulnerability

  • CVE-2017-11879 - ASP.NET Core Elevation Of Privilege Vulnerability

  • CVE-2017-11880 - Windows Information Disclosure Vulnerability

  • CVE-2017-11882 - Microsoft Office Memory Corruption Vulnerability

  • CVE-2017-11884 - Microsoft Office Memory Corruption Vulnerability

中危漏洞

  • CVE-2017-11848 - Internet Explorer Information Disclosure Vulnerability

  • CVE-2017-11876 - Microsoft Project Server Elevation of Privilege Vulnerability

  • CVE-2017-8700 - ASP.NET Core Information Disclosure Vulnerability

安全建议:

  • 阿里云安全团队建议用户关注,并根据业务情况择机更新补丁,以提高服务器安全性:

  • 建议用户打开Windows Update功能,然后点击“检查更新”按钮,根据业务情况下载安装相关安全补丁,安装完毕后重启服务器,检查系统运行情况。

注意:在更新安装升级前,建议做好测试工作,并务必做好数据备份和快照,防止出现意外。

如果您已经购买了万维景盛服务器代维服务,我司将为您打补丁。有意将服务器委托我司维护的用户请联系客服QQ442956988

通过万维景盛代购阿里云服务器、高防ip和其他全线产品可以享受折上折,欢迎垂询!