2ÔÂ11ÈÕ£¬Î¢ÈíÐû²¼ÁË2020Äê2Ô·ݵÄÔ¶ÈÀýÐÐÇ徲ͨ¸æ£¬ÐÞ¸´ÁËÆä¶à¿î²úÆ·±£´æµÄ373¸öÇå¾²Îó²î�¡�£¡£ÊÜÓ°ÏìµÄ²úÆ·°üÀ¨�£º�£º£ºWindows 10 1909 & WindowsServer v1909£¨71¸ö£©�¡¢�¡¢�¡¢Windows 10 1903 & WindowsServer v1903£¨72¸ö£©�¡¢�¡¢�¡¢Windows 10 1809 & WindowsServer 2019£¨69¸ö£©�¡¢�¡¢�¡¢Windows 8.1 & Server 2012 R2£¨49¸ö£©�¡¢�¡¢�¡¢Windows RT 8.1£¨48¸ö£©�¡¢�¡¢�¡¢Windows Server 2012£¨49¸ö£©�¡¢�¡¢�¡¢Microsoft Edge (HTML)£¨7¸ö£©�¡¢�¡¢�¡¢Internet Explore£¨3¸ö£©ºÍMicrosoft Office-related software£¨5¸ö£©�¡�£¡£
ʹÓÃÉÏÊöÎó²î£¬¹¥»÷Õß¿ÉÒÔ»ñÈ¡Ãô¸ÐÐÅÏ¢£¬ÌáÉýȨÏÞ£¬ÓÕÆ£¬ÈƹýÇå¾²¹¦Ð§ÏÞÖÆ£¬Ö´ÐÐÔ¶³Ì´úÂ룬»ò¾ÙÐоܾø·þÎñ¹¥»÷µÈ�¡�£¡£ÇëMicrosoftÓû§¾¡¿ìÏÂÔز¹¶¡¸üУ¬×èÖ¹Òý·¢Îó²îÏà¹ØµÄÍøÂçÇå¾²ÊÂÎñ�¡�£¡£
CVE±àºÅ | ͨ¸æÎÊÌâºÍÕªÒª | ×î¸ßÑÏÖØÆ·¼¶ºÍÎó²îÓ°Ïì | ÊÜÓ°ÏìµÄÈí¼þ |
CVE-2020-0738 | Media FoundationÄÚ´æÆÆËðÎó²î µ±Windows Media FoundationδÄÜ׼ȷµØ´¦ÀíÄÚ´æÖеŤ¾ßʱ£¬±£´æÄÚ´æÆÆËðÎó²î�¡�£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔ×°ÖóÌÐò£»�£»Éó²é�¡¢�¡¢�¡¢¸ü¸Ä»òɾ³ýÊý¾Ý£»�£»»ò½¨Éè¾ßÓÐÍêÈ«Óû§È¨ÏÞµÄÐÂÕÊ»§�¡�£¡£ ¹¥»÷Õß¿ÉÒÔͨ¹ý¶àÖÖ·½Ê½Ê¹ÓôËÎó²î£¬ÀýÈç˵·þÓû§·¿ªÈ«ÐÄÌåÀýµÄÎĵµ£¬»ò˵·þÓû§»á¼û¶ñÒâÍøÒ³�¡�£¡£ Çå¾²¸üÐÂͨ¹ý¸üÕýWindows Media FoundationÈçÄÇÀïÖÃÄÚ´æÖеŤ¾ßÀ´½â¾ö´ËÎó²î�¡�£¡£ | ÑÏÖØ Ô¶³ÌÖ´ÐдúÂë | Windows 10 Server 2016 Server 2019 Server, version 1803 Server, version 1903 Server, version 1909 Windows 8.1 Server 2012 Server 2012 R2 |
CVE-2020-0689 | Microsoft Secure BootÇå¾²¹¦Ð§ÈƹýÎó²î Secure Boot±£´æÇå¾²¹¦Ð§ÈƹýÎó²î�¡�£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔÈƹýÇå¾²Ö¸µ¼²¢¼ÓÔز»ÊÜÐÅÈεÄÈí¼þ�¡�£¡£ÒªÊ¹ÓôËÎó²î£¬¹¥»÷Õß¿ÉÒÔÔËÐй¹½¨µÄÓ¦ÓóÌÐò�¡�£¡£ Çå¾²¸üÐÂͨ¹ý×èÖ¹Ò×Êܹ¥»÷µÄµÚÈý·½Ö¸µ¼¼ÓÔسÌÐòÀ´½â¾ö¸ÃÎó²î�¡�£¡£ | Ö÷Òª ÈƹýÇå¾²¹¦Ð§ | Windows 10 Server 2016 Server 2019 Server, version 1803 Server, version 1903 Server, version 1909 Windows 8.1 Server 2012 Server 2012 R2 |
CVE-2020-0681 | Remote Desktop ClientÔ¶³Ì´úÂëÖ´ÐÐÎó²î µ±Óû§ÅþÁ¬µ½¶ñÒâ·þÎñÆ÷ʱ£¬ Windows Remote Desktop Client±£´æÔ¶³Ì´úÂëÖ´ÐÐÎó²î�¡�£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔÔÚÅþÁ¬¿Í»§¶ËµÄÅÌËã»úÉÏÖ´ÐÐí§Òâ´úÂë�¡�£¡£È»ºó£¬¹¥»÷Õß¿ÉÒÔ×°ÖóÌÐò£»�£»Éó²é�¡¢�¡¢�¡¢¸ü¸Ä»òɾ³ýÊý¾Ý£»�£»»ò½¨Éè¾ßÓÐÍêÈ«Óû§È¨ÏÞµÄÐÂÕÊ»§�¡�£¡£ ҪʹÓôËÎó²î£¬¹¥»÷ÕßÐèÒª¿ØÖÆ·þÎñÆ÷£¬È»ºó˵·þÓû§ÅþÁ¬µ½¸Ã·þÎñÆ÷�¡�£¡£¹¥»÷ÕßÎÞ·¨Ç¿ÆÈÓû§ÅþÁ¬µ½¶ñÒâ·þÎñÆ÷£¬ËûÃÇÐèҪͨ¹ýÉç»á¹¤³Ì�¡¢�¡¢�¡¢DNSÖж¾»òʹÓÃÖÐÐÄÈË£¨MITM£©ÊÖÒÕÓÕÆÓû§ÅþÁ¬�¡�£¡£¹¥»÷Õß»¹¿ÉÄÜÎ�£º�£º£º¦Õýµ±·þÎñÆ÷£¬ÔÚÆäÉÏÍйܶñÒâ´úÂ룬²¢ÆÚ´ýÓû§ÅþÁ¬�¡�£¡£ ´Ë¸üÐÂͨ¹ý¸üÕýWindowsÔ¶³Ì×ÀÃæ¿Í»§¶Ë´¦ÀíÅþÁ¬ÇëÇóµÄ·½Ê½À´½â¾ö´ËÎó²î�¡�£¡£ | ÑÏÖØ Ô¶³ÌÖ´ÐдúÂë | Windows 10 Server 2016 Server 2019 Server, version 1803 Server, version 1903 Server, version 1909 Windows 8.1 Server 2012 Server 2012 R2 |
CVE-2020-0683/0686 | Windows InstallerȨÏÞÌáÉýÎó²î µ±MSI°ü´¦Àí·ûºÅÁ´½Óʱ£¬Windows InstallerÖб£´æȨÏÞÌáÉýÎó²î�¡�£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔÈƹý»á¼ûÏÞÖÆÀ´Ìí¼Ó»òɾ³ýÎļþ�¡�£¡£ ҪʹÓôËÎó²î£¬¹¥»÷ÕßÊ×ÏȱØÐèµÇ¼µ½ÏµÍ³�¡�£¡£È»ºó£¬¹¥»÷Õß¿ÉÒÔÔËÐÐÇÉÈ«ÐÄ˼¹¹½¨µÄÓ¦ÓóÌÐò£¬Ê¹ÓôËÎó²î²¢Ìí¼Ó»òɾ³ýÎļþ�¡�£¡£ Çå¾²¸üÐÂͨ¹ýÐÞ¸ÄWindows×°ÖóÌÐò´¦ÀíÖØÆÊÎöµãµÄ·½Ê½À´½â¾ö¸ÃÎó²î�¡�£¡£ | Ö÷Òª ÌØȨÌáÉý | Windows 10 Server 2016 Server 2019 Server, version 1803 Server, version 1903 Server, version 1909 Windows 8.1 Server 2012 Server 2012 R2 |
CVE-2020-0674 | Scripting EngineÄÚ´æÆÆËðÎó²î Internet ExplorerÖд¦ÀíÄÚ´æÖй¤¾ßµÄ·½Ê½±£´æÔ¶³Ì´úÂëÖ´ÐÐÎó²î�¡�£¡£¸ÃÎó²î¿ÉÄÜ»áÆÆËðÄڴ棬ʹµÃ¹¥»÷Õß¿ÉÒÔÔÚÄ¿½ñÓû§µÄÉÏÏÂÎÄÖÐÖ´ÐÐí§Òâ´úÂë�¡�£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔ»ñµÃÓëÄ¿½ñÓû§ÏàͬµÄÓû§È¨ÏÞ�¡�£¡£ÈôÊÇÄ¿½ñÓû§Ê¹ÓÃÖÎÀíÓû§È¨Ï޵Ǽ£¬ÔòÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔ¿ØÖÆÊÜÓ°ÏìµÄϵͳ�¡�£¡£È»ºó£¬¹¥»÷Õß¿ÉÒÔ×°ÖóÌÐò£»�£»Éó²é�¡¢�¡¢�¡¢¸ü¸Ä»òɾ³ýÊý¾Ý£»�£»»ò½¨Éè¾ßÓÐÍêÈ«Óû§È¨ÏÞµÄÐÂÕÊ»§�¡�£¡£ | ÑÏÖØ Ô¶³ÌÖ´ÐдúÂë | Internet Explorer 10 Internet Explorer 9 Internet Explorer 11 |
CVE-2020-0706 | Microsoft BrowserÐÅϢй¶Îó²î Microsoft browsers´¦Àí½»Ö¯ÔµãÇëÇóµÄ·½Ê½±£´æÐÅϢй¶Îó²î�¡�£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔÈ·¶¨ÊÜÓ°Ïìä¯ÀÀÆ÷ÖÐËùÓÐÍøÒ³µÄȪԴ�¡�£¡£ | Ö÷Òª ÐÅϢй¶ | Microsoft Edge (HTML) Internet Explorer 9 Internet Explorer 10 Internet Explorer 11 |
CVE-2020-0759 | Microsoft ExcelÔ¶³Ì´úÂëÖ´ÐÐÎó²î µ±Èí¼þδÄÜ׼ȷ´¦ÀíÄÚ´æÖеŤ¾ßʱ£¬Microsoft ExcelÖб£´æÔ¶³Ì´úÂëÖ´ÐÐÎó²î�¡�£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔÔÚÄ¿½ñÓû§µÄÉÏÏÂÎÄÖÐÔËÐÐí§Òâ´úÂë�¡�£¡£ÈôÊÇÄ¿½ñÓû§Ê¹ÓÃÖÎÀíÓû§È¨Ï޵Ǽ£¬Ôò¹¥»÷Õß¿ÉÒÔ¿ØÖÆÊÜÓ°ÏìµÄϵͳ�¡�£¡£È»ºó£¬¹¥»÷Õß¿ÉÒÔ×°ÖóÌÐò£»�£»Éó²é�¡¢�¡¢�¡¢¸ü¸Ä»òɾ³ýÊý¾Ý£»�£»»ò½¨Éè¾ßÓÐÍêÈ«Óû§È¨ÏÞµÄÐÂÕÊ»§�¡�£¡£½«ÕÊ»§ÉèÖÃΪÔÚϵͳÉÏÓµÓнÏÉÙÓû§È¨ÏÞµÄÓû§¿ÉÄܱÈʹÓÃÖÎÀíÓû§È¨ÏÞ²Ù×÷µÄÓû§ÊÜÓ°Ïì¸üС�¡�£¡£ Çå¾²¸üÐÂͨ¹ý¸üÕýMicrosoft ExcelÈçÄÇÀïÖÃÄÚ´æÖеŤ¾ßÀ´½â¾ö´ËÎó²î�¡�£¡£ | Ö÷Òª Ô¶³ÌÖ´ÐдúÂë | Office 2019 Office 365 ProPlus Excel 2010 Excel 2013 Excel 2016 Office 2016 for Mac Office 2019 for Mac |
CVE-2020-0693 | Microsoft Office SharePoint XSSÎó²î µ±Microsoft SharePoint ServerδÄÜ׼ȷ¶ÔÊÜÓ°ÏìµÄSharePoint·þÎñÆ÷¾ÙÐÐÖÆ×÷µÄWebÇëÇóʱ£¬±£´æ¿çÕ¾¾ç±¾£¨XSS£©Îó²î�¡�£¡£¾ÓÉÉí·ÝÑéÖ¤µÄ¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°ÏìµÄSharePoint·þÎñÆ÷·¢Ë͹¹½¨µÄÇëÇóÀ´Ê¹ÓôËÎó²î�¡�£¡£ ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔ¶ÔÊÜÓ°ÏìµÄϵͳִÐпçÕ¾¾ç±¾¹¥»÷£¬²¢ÔÚÄ¿½ñÓû§µÄÇå¾²ÉÏÏÂÎÄÖÐÔËÐо籾�¡�£¡£ÕâЩ¹¥»÷¿Éʹ¹¥»÷Õ߶Áȡδ¾ÊÚȨ¶ÁÈ¡µÄÄÚÈÝ£¬Ê¹ÓÃÊܺ¦ÕßÉí·Ý´ú±íÓû§ÔÚSharePointÍøÕ¾ÉÏÖ´Ðиü¸ÄȨÏÞºÍɾ³ýÄÚÈݵȲÙ×÷£¬²¢ÔÚÓû§ä¯ÀÀÆ÷ÖвåÈë¶ñÒâÄÚÈÝ�¡�£¡£ Çå¾²¸üÐÂͨ¹ý×ÊÖúÈ·±£SharePoint·þÎñÆ÷׼ȷµØÕûÀíwebÇëÇóÀ´½â¾ö¸ÃÎó²î�¡�£¡£ | Ö÷Òª ÓÕÆ | SharePoint Enterprise Server 2016 SharePoint Server 2019 Mitigations SharePoint Server 2013 |
²Î¿¼ÐÅÏ¢�£º�£º£º
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv990001
https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stackupdates#why-should-servicing-stack-updates-be-installed-and-kept-up-to-date
