• 20130612: Microsoft releases 5 security patches on June 12


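    Hello everyone, we are the Microsoft Greater China Security Support Team.

    Microsoft released 5 security patches in the early morning of June 12, Beijing time. One is rated Critical, the highest severity level, and 4 are rated Important. Together they fix 23 security vulnerabilities in Microsoft Windows, Microsoft Office and Internet Explorer. Please give particular priority to deploying the Critical-rated patches MS13-047 and MS13-051.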

     

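    MS13-047 | Cumulative Security Update for Internet Explorer

    This security update resolves 19 security vulnerabilities in Internet Explorer. The vulnerabilities could allow remote code execution when a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. The update is rated Critical for all versions of IE on all supported Windows systems. The vulnerabilities were privately reported, and no attacks against them and no affected users have been found so far.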

     

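    MS13-051 | Vulnerability in Microsoft Office Could Allow Remote Code Execution

    This security update resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution when a user opens a specially crafted Office file with affected Microsoft Office software, or previews or opens an email attachment in Outlook using Word. The vulnerability is rated Critical for both Microsoft Office 2003 and Office for Mac 2011. Although the vulnerability was privately disclosed, we are aware of a limited number of attacks targeting it.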

     

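    Microsoft also released Security Advisory 2854544 this month. Over the coming months, Microsoft will update this advisory to release new functionality that improves cryptography and private key management in Windows. This functionality is already built into Windows 8, Windows Server 2012 and Windows RT, and will now also be provided for systems from Windows Vista through Windows 7.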

     

    The following table summarizes this month's security bulletins (ordered by severity rating and bulletin ID):

    | Bulletin ID | Bulletin Title and Executive Summary | Maximum Severity Rating and Vulnerability Impact | Restart Requirement | Affected Software |
    | --- | --- | --- | --- | --- |
    | MS13-047 | Cumulative Security Update for Internet Explorer (2838727). This security update resolves nineteen privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | Critical, Remote Code Execution | Requires restart | Microsoft Windows, Internet Explorer |
    | MS13-048 | Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229). This security update resolves one privately reported vulnerability in Windows. The vulnerability could allow information disclosure if an attacker logs on to a system and runs a specially crafted application or convinces a local, logged-in user to run a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise an affected system. | Important, Information Disclosure | Requires restart | Microsoft Windows |
    | MS13-049 | Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690). This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker sends specially crafted packets to the server. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. | Important, Denial of Service | Requires restart | Microsoft Windows |
    | MS13-050 | Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege (2839894). This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege when an authenticated attacker deletes a printer connection. An attacker must have valid logon credentials and be able to log on to exploit this vulnerability. | Important, Elevation of Privilege | Requires restart | Microsoft Windows |
    | MS13-051 | Vulnerability in Microsoft Office Could Allow Remote Code Execution (2839571). This security update resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Office document using an affected version of Microsoft Office software, or previews or opens a specially crafted email message in Outlook while using Microsoft Word as the email reader. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | Important, Remote Code Execution | May require restart | Microsoft Office |

     

     

    For details, see the June 2013 Security Bulletin Summary:

    http://technet.microsoft.com/zh-CN/security/bulletin/ms13-jun

    Microsoft Security Response Center blog post (in English):

    http://blogs.technet.com/b/msrc/archive/2013/06/11/improved-cryptography-and-the-june-2013-bulletins.aspx

     

    Microsoft Greater China Security Support Team

  • Original source: https://www.cnblogs.com/dyllove98/p/3132856.html