漏洞概要
2022年4月12日(北京时间),微软发布了安全更新,共发布了129个CVE的补丁程序,同比上月增加了58个。
在漏洞安全等级方面,存在10标记等级为“Critical”的漏洞,116个漏洞被标记为“Important”; 在漏洞类型方面,主要有48个远程代码执行漏洞,56个权限提升漏洞以及10个信息泄露漏洞。
影响范围
受影响版本 |
|
Windows 网络文件系统远程代码执行漏洞 CVE-2022-24497 |
Windows 8.1 for 32/64-bit Systems Windows RT 8.1 Windows 10 for 32/64-bit Systems Windows 10 Version 1607 for 32/64-bit Systems Windows 10 Version 1809/1909/20H2/21H1/21H2 for 32/64-bit/ARM64-based Systems Windows 11 for ARM64-based/x64-based Systems Windows Server 2012/2016/2019/2022 Windows Server 2012/2016/2019/2022 (Server Core installation) Windows Server, version 20H2 (Server Core Installation) |
Windows 通用日志文件系统驱动程序提升权限漏洞 CVE-2022-24521 |
Windows 10 for 32-bit/ x64-bit Systems Windows 10 Version 1607for 32-bit/64-bit Systems Windows 10 Version 1809/1909/20H2/21H1//21H2 for 32/64-bit/ARM64-based Systems Windows 11 for ARM64-based/x64-based Systems Windows 7 for 32-bit/x64-based Systems Service Pack 1 Windows 8.1 for 32-bit/x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit/x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit/x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012/2012 R2/2016/2019/2022 Windows Server 2012/2012 R2/2016/2019/2022 (Server Core installation) Windows Server, version 20H2 (Server Core Installation) |
Windows远程过程调用运行时远程执行代码漏洞 CVE-2022-26809 |
Windows 10 for 32-bit/ x64-bit Systems Windows 10 Version 1607 for 32/64-bit Systems Windows 10 Version 1809/1909/20H2/21H1/21H2 for 32/64-bit/ARM64-based Systems Windows 11 for ARM64-based/x64-based Systems Windows 7 for 32-bit/x64-based Systems Service Pack 1 Windows 8.1 for 32-bit/x64-based systems Windows Server 2008 for 32-bit/x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit/x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012/2012 R2/2016/2019/2022 Windows Server 2012/2012 R2/2016/2019/2022 (Server Core installation) Windows Server, version 20H2 (Server Core Installation) |
修复建议
微软官方已更新受影响软件的安全补丁,用户可根据不同系统版本下载安装对应的安全补丁。