漏洞背景

2019年8月14日微軟發(fā)布的安全更新中除了RDP漏洞還涵蓋了針對(duì)多個(gè)遠(yuǎn)程代碼執(zhí)行高危漏洞的修復(fù)。

• Microsoft Word遠(yuǎn)程代碼執(zhí)行漏洞， 漏洞編號(hào)CVE-2019-0585。
• Windows DHCP客戶端遠(yuǎn)程代碼執(zhí)行漏洞， 漏洞編號(hào)CVE-2019-0736。
• LNK遠(yuǎn)程代碼執(zhí)行漏洞，漏洞編號(hào)CVE-2019-1188。

漏洞詳情

• LNK遠(yuǎn)程代碼執(zhí)行漏洞CVE-2019-1188

這個(gè)LNK遠(yuǎn)程代碼執(zhí)行漏洞和之前Stuxnet利用的LNK漏洞及其繞過(guò)類(lèi)似。如果系統(tǒng)處理了攻擊者準(zhǔn)備的.LNK文件，則攻擊者可能可以遠(yuǎn)程執(zhí)行代碼。攻擊者可以通過(guò)可移動(dòng)驅(qū)動(dòng)器(如U盤(pán))或者遠(yuǎn)程共享的方式攻擊。

該漏洞影響下列版本的操作系統(tǒng)：

Windows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1709 for 64-based SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows 10 Version 1803 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows Server 2019Windows Server 2019 (Server Core installation)Windows Server, version 1803 (Server Core Installation)Windows Server, version 1903 (Server Core installation)

• Microsoft Word遠(yuǎn)程代碼執(zhí)行漏洞CVE-2019-0585

大多數(shù)word補(bǔ)丁被評(píng)為Important，但這一個(gè)被評(píng)為Critical。通常的word漏洞需要受害者在word中打開(kāi)存在漏洞的word文檔。對(duì)于這個(gè)漏洞攻擊媒介是Outlook預(yù)覽窗格，因此攻擊者需要將準(zhǔn)備的word文檔或者其鏈接通過(guò)電子郵件發(fā)送給受害者，如果受害者在Outlook預(yù)覽窗格中打開(kāi)則可能利用此漏洞執(zhí)行任意代碼。

該漏洞影響下列版本的office：

Microsoft Office 2010 Service Pack 2 (32-bit editions)Microsoft Office 2010 Service Pack 2 (64-bit editions)Microsoft Office 2016 for MacMicrosoft Office 2019 for 32-bit editionsMicrosoft Office 2019 for 64-bit editionsMicrosoft Office 2019 for MacMicrosoft Office Online ServerMicrosoft Office Web Apps 2010 Service Pack 2Microsoft Office Word ViewerMicrosoft SharePoint Enterprise Server 2013 Service Pack 1Microsoft SharePoint Enterprise Server 2016Microsoft SharePoint Server 2019Microsoft Word 2010 Service Pack 2 (32-bit editions)Microsoft Word 2010 Service Pack 2 (64-bit editions)Microsoft Word 2013 RT Service Pack 1Microsoft Word 2013 Service Pack 1 (32-bit editions)Microsoft Word 2013 Service Pack 1 (64-bit editions)Microsoft Word 2016 (32-bit edition)Microsoft Word 2016 (64-bit edition)Office 365 ProPlus for 32-bit SystemsOffice 365 ProPlus for 64-bit SystemsWord Automation Services

• Windows DHCP客戶端遠(yuǎn)程代碼執(zhí)行漏洞CVE-2019-0736

如果攻擊者向受影響的目標(biāo)發(fā)送一個(gè)經(jīng)過(guò)特殊設(shè)計(jì)的DHCP包，這個(gè)漏洞可能允許攻擊者執(zhí)行任意代碼。這個(gè)過(guò)程不涉及用戶交互或身份驗(yàn)證，理論上也是蠕蟲(chóng)化的。

該漏洞影響下列版本的操作系統(tǒng)：

Windows 10 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 Version 1607 for x64-based SystemsWindows 10 Version 1703 for 32-bit SystemsWindows 10 Version 1703 for x64-based SystemsWindows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1709 for 64-based SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows 10 Version 1803 for x64-based SystemsWindows 7 for 32-bit Systems Service Pack 1Windows 7 for x64-based Systems Service Pack 1Windows 8.1 for 32-bit systemsWindows 8.1 for x64-based systemsWindows RT 8.1Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for Itanium-Based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2012Windows Server 2012 (Server Core installation)Windows Server 2012 R2Windows Server 2012 R2 (Server Core installation)Windows Server 2016Windows Server 2016 (Server Core installation)Windows Server, version 1803 (Server Core Installation)

修復(fù)建議

360安全大腦建議通過(guò)安裝360安全衛(wèi)士進(jìn)行一鍵更新。應(yīng)及時(shí)進(jìn)行Microsoft Windows版本更新并且保持Windows自動(dòng)更新開(kāi)啟，也可以通過(guò)下載參考鏈接中的軟件包，手動(dòng)進(jìn)行升級(jí)。

360官網(wǎng)_360安全衛(wèi)士_360官方下載_360正版-360殺毒軟件下載?weishi.360.cn

總結(jié)

以上是生活随笔為你收集整理的js word 预览_微软补丁日：Word/DHCP/LNK远程代码执行漏洞预警的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。