微软宣布12月补丁修复39个清静问题清静威胁通告

2018-12-12

宣布者：AG公司科技

综述

微软于周二宣布了12月清静更新补丁，修复了39个从简朴的诱骗攻击到远程执行代码的清静问题，产品涉及.NET Framework、Adobe Flash Player、Internet Explorer、Microsoft Dynamics、Mi2crosoft Exchange Server、Microsoft Graphics Component、Microsoft Office、Microsoft Office SharePoint、Microsoft scripting Engine、Microsoft Windows、Microsoft Windows DNS、Visual Studio、Windows Authentication Methods、Windows Azure Pack、Windows Kernel以及Windows Kernel-Mode Drivers。

相关信息如下（红色部分威胁相对较量高）：

产品	CVE编号	CVE问题
.NET Framework	CVE-2018-8517	.NET Framework Denial Of Service Vulnerability
.NET Framework	CVE-2018-8540	.NET Framework Remote Code Injection Vulnerability
Adobe Flash Player	ADV180031	December 2018 Adobe Flash清静更新
Internet Explorer	CVE-2018-8619	Internet Explorer远程代码执行误差
Internet Explorer	CVE-2018-8631	Internet Explorer内存破损误差
Microsoft Dynamics	CVE-2018-8651	Microsoft Dynamics NAV Cross Site scripting Vulnerability
Microsoft Exchange Server	CVE-2018-8604	Microsoft Exchange Server Tampering Vulnerability
Microsoft Graphics Component	CVE-2018-8595	Windows GDI信息泄露误差
Microsoft Graphics Component	CVE-2018-8596	Windows GDI信息泄露误差
Microsoft Graphics Component	CVE-2018-8638	DirectX信息泄露误差
Microsoft Graphics Component	CVE-2018-8639	Win32k特权提升误差
Microsoft Office	CVE-2018-8587	Microsoft Outlook远程代码执行误差
Microsoft Office	CVE-2018-8597	Microsoft Excel远程代码执行误差
Microsoft Office	CVE-2018-8598	Microsoft Excel信息泄露误差
Microsoft Office	CVE-2018-8627	Microsoft Excel信息泄露误差
Microsoft Office	CVE-2018-8628	Microsoft PowerPoint远程代码执行误差
Microsoft Office	CVE-2018-8636	Microsoft Excel远程代码执行误差
Microsoft Office SharePoint	CVE-2018-8580	Microsoft SharePoint信息泄露误差
Microsoft Office SharePoint	CVE-2018-8635	Microsoft SharePoint Server特权提升误差
Microsoft scripting Engine	CVE-2018-8583	Chakra scripting Engine内存破损误差
Microsoft scripting Engine	CVE-2018-8617	Chakra scripting Engine内存破损误差
Microsoft scripting Engine	CVE-2018-8618	Chakra scripting Engine内存破损误差
Microsoft scripting Engine	CVE-2018-8624	Chakra scripting Engine内存破损误差
Microsoft scripting Engine	CVE-2018-8625	Windows vbscript Engine远程代码执行误差
Microsoft scripting Engine	CVE-2018-8629	Chakra scripting Engine内存破损误差
Microsoft scripting Engine	CVE-2018-8643	scripting Engine内存破损误差
Microsoft Windows	CVE-2018-8649	Windows拒绝服务误差
Microsoft Windows DNS	CVE-2018-8514	Remote Procedure Call runtime信息泄露误差
Microsoft Windows DNS	CVE-2018-8626	Windows DNS Server Heap Overflow Vulnerability
Visual Studio	CVE-2018-8599	Diagnostics Hub Standard Collector Service特权提升误差
Windows Authentication Methods	CVE-2018-8634	Microsoft Text-To-Speech远程代码执行误差
Windows Azure Pack	CVE-2018-8652	Windows Azure Pack Cross Site scripting Vulnerability
Windows Kernel	CVE-2018-8477	Windows Kernel信息泄露误差
Windows Kernel	CVE-2018-8611	Windows Kernel特权提升误差
Windows Kernel	CVE-2018-8612	Connected User Experiences and Telemetry Service拒绝服务误差
Windows Kernel	CVE-2018-8621	Windows Kernel信息泄露误差
Windows Kernel	CVE-2018-8622	Windows Kernel信息泄露误差
Windows Kernel	CVE-2018-8637	Win32k信息泄露误差
Windows Kernel-Mode Drivers	CVE-2018-8641	Win32k特权提升误差