1. 漏洞概述

近日，微软官方发布了多个安全漏洞的公告，包括Windows权限提升漏洞（CNNVD-202010-1673、CVE-2020-17087）、Windows NFS远程代码执行漏洞（CNNVD-202011-783、CVE-2020-17051）、Windows Exchange Server远程代码执行漏洞（CNNVD-202011-755、CVE-2020-17084）等多个漏洞。成功利用上述漏洞的攻击者可以在目标系统上执行任意代码、获取用户数据，提升权限等。微软多个产品和系统受漏洞影响。目前，微软官方已经发布漏洞修复补丁，建议用户及时确认是否受到漏洞影响，尽快采取修补措施。

2. 漏洞介绍

2020年11月11日，微软发布了2020年11月份安全更新，共112个漏洞的补丁程序，CNNVD对这些漏洞进行了收录。本次更新主要涵盖了 Windows操作系统、IE/Edge浏览器、Office 组件及Web Apps、ChakraCore、Exchange服务器、.Net 框架、Azure DevOps、Windows Defender、Visual Studio等多个Windows平台下应用软件和组件。微软多个产品和系统版本受漏洞影响，具体影响范围可访问https://portal.msrc.microsoft.com/zh-cn/security-guidance查询，其中部分重要漏洞详情如下：

2.1. 重点漏洞简述

根据产品流行度和漏洞重要性筛选出此次更新中包含影响较大的漏洞，请相关用户重点进行关注：

Windows 网络文件系统远程代码执行漏洞（CVE-2020-17051）：

Windows NFS v3服务器中存在可远程利用的堆溢出漏洞。在nfssvr.sys文件的某函数中，某处字符串ANSI转换为UNICODE后，调用了memcpy，从而造成了缓冲区溢出。攻击者可以利用此漏洞来访问系统，并通过精心制作的NFS数据包远程执行恶意代码。

官方通告链接：
https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2020-17051

Windows 网络文件系统信息泄露漏洞（CVE-2020-17056）：

存在于nfssvr.sys驱动中的远程越界读取漏洞，当nfssvr对READ程序处理时存在越界读取，可导致ASLR（地址空间布局随机化）被绕过。此漏洞可被攻击者用来造成信息泄漏，并与CVE-2020-17051进行组合利用。

官方通告链接：
https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2020-17056

Windows 内核 cng.sys权限提升漏洞（CVE-2020-17087）：

该漏洞是Windows cng.sys驱动中的缓冲区溢出漏洞，攻击者可以在用户端通过IOCTL 0x390400发送对应的畸形数据，从而造成溢出。攻击者还可以通过诱使用户打开恶意的文件或网络资源进行利用，达到本地提权或沙箱逃逸的目的。目前该漏洞PoC已公开，并发现在野利用。

官方通告链接：
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17087

Windows Print Spooler远程代码执行漏洞（CVE-2020-17042）：

漏洞的CVSS评分为8.8，可利用性等级为“Exploitation Less Likely”。微软目前没有披露此漏洞的详细信息，根据Windows Print Spooler的历史漏洞，可与其他漏洞组合利用实现控制主机并进一步在网络中传播。

官方通告链接：
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17042

Microsoft SharePoint 远程代码执行漏洞（CVE-2020-17061）：

该漏洞为Microsoft SharePoint的远程代码执行漏洞。由于Microsoft SharePoint对用户输入的验证不足，存在反序列化漏洞，导致用户可以输入一些精心构造的数据，造成内存破坏，从而造成远程代码执行。

官方通告链接：
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17061

Microsoft Exchange Server远程执行代码漏洞（CVE-2020-17083/CVE-2020-17084）：

Microsoft Exchange在处理内存中的对象时存在以上漏洞。攻击者诱使用户打开精心构造的电子邮件来触发漏洞，成功利用此漏洞的攻击者可在受影响的系统上执行任意代码。

官方通告链接：
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17083
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17084

Windows Hyper-V 安全功能绕过漏洞（CVE-2020-17040）：

Microsoft 图形组件在处理内存中的对象时存在远程代码执行漏洞。攻击者可通过诱导用户打开特制文件来进行利用，成功利用此漏洞的远程攻击者可在目标系统上执行任意代码。

官方通告链接：
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17040

2.2. 其它漏洞列表

影响产品	CVE 编号	漏洞标题	严重程度
Windows	CVE-2020-17078	Raw Image Extension 远程代码执行漏洞	Critical
Windows	CVE-2020-17079	Raw Image Extension 远程代码执行漏洞	Critical
Windows	CVE-2020-17101	HEIF Image Extensions 远程代码执行漏洞	Critical
Windows	CVE-2020-17105	AV1 Video Extension 远程代码执行漏洞	Critical
Windows	CVE-2020-17106	HEVC Video Extensions 远程代码执行漏洞	Critical
Windows	CVE-2020-17107	HEVC Video Extensions 远程代码执行漏洞	Critical
Windows	CVE-2020-17108	HEVC Video Extensions 远程代码执行漏洞	Critical
Windows	CVE-2020-17109	HEVC Video Extensions 远程代码执行漏洞	Critical
Windows	CVE-2020-17110	HEVC Video Extensions 远程代码执行漏洞	Critical
Azure	CVE-2020-16988	Azure Sphere 权限提升漏洞	Critical
Windows	CVE-2020-17042	Windows Print Spooler 远程代码执行漏洞	Critical
ChakraCore,Microsoft Edge	CVE-2020-17048	Chakra Scripting Engine 内存泄露漏洞	Critical
Windows	CVE-2020-17051	Windows Network File System 远程代码执行漏洞	Critical
Internet Explorer,Microsoft Edge	CVE-2020-17052	Scripting Engine 内存泄露漏洞	Critical
Internet Explorer	CVE-2020-17053	Internet Explorer 内存泄露漏洞	Critical
Internet Explorer,Microsoft Edge	CVE-2020-17058	Microsoft Browser 内存泄露漏洞	Critical
Windows	CVE-2020-17082	Raw Image Extension 远程代码执行漏洞	Critical
Azure	CVE-2020-16970	Azure Sphere Unsigned Code Execution Vulnerability	Important
Microsoft Office	CVE-2020-16979	Microsoft SharePoint 信息披露漏洞	Important
Windows	CVE-2020-16997	Remote Desktop Protocol Server 信息披露漏洞	Important
Windows	CVE-2020-16998	DirectX 权限提升漏洞	Important
Windows	CVE-2020-16999	Windows WalletService 信息披露漏洞	Important
Windows	CVE-2020-17000	Remote Desktop Protocol Client 信息披露漏洞	Important
Windows	CVE-2020-17001	Windows Print Spooler 权限提升漏洞	Important
Windows	CVE-2020-17004	Windows Graphics Component 信息披露漏洞	Important
Microsoft Office	CVE-2020-17019	Microsoft Excel 远程代码执行漏洞	Important
Microsoft Office	CVE-2020-17020	Microsoft Word Security 功能绕过	Important
Windows	CVE-2020-17055	Windows Remote Access 权限提升漏洞	Important
Windows	CVE-2020-17056	Windows Network File System 信息披露漏洞	Important
Windows	CVE-2020-17057	Windows Win32k 权限提升漏洞	Important
Windows	CVE-2020-17068	Windows GDI+ 远程代码执行漏洞	Important
Windows	CVE-2020-17069	Windows NDIS 信息披露漏洞	Important
Windows	CVE-2020-17070	Windows Update Medic Service 权限提升漏洞	Important
Windows	CVE-2020-17071	Windows Delivery Optimization 信息披露漏洞	Important
Windows	CVE-2020-17073	Windows Update Orchestrator Service 权限提升漏洞	Important
Windows	CVE-2020-17074	Windows Update Orchestrator Service 权限提升漏洞	Important
Windows	CVE-2020-17075	Windows USO Core Worker 权限提升漏洞	Important
Windows	CVE-2020-17076	Windows Update Orchestrator Service 权限提升漏洞	Important
Windows	CVE-2020-17077	Windows Update Stack 权限提升漏洞	Important
Windows	CVE-2020-17087	Windows Kernel Local 权限提升漏洞	Important
Windows	CVE-2020-17088	Windows Common Log File System Driver 权限提升漏洞	Important
Windows	CVE-2020-17090	Microsoft Defender for Endpoint Security 功能绕过	Important
Microsoft Office	CVE-2020-17091	Microsoft Teams 远程代码执行漏洞	Important
Microsoft Visual Studio	CVE-2020-17100	Visual Studio Tampering Vulnerability	Important
Windows	CVE-2020-17102	WebP Image Extensions 信息披露漏洞	Important
Windows	CVE-2020-17113	Windows Camera Codec 信息披露漏洞	Important
Windows	CVE-2020-1599	Windows 欺骗漏洞	Important
Azure	CVE-2020-16981	Azure Sphere 权限提升漏洞	Important
Azure	CVE-2020-16982	Azure Sphere Unsigned Code Execution Vulnerability	Important
Azure	CVE-2020-16983	Azure Sphere Tampering Vulnerability	Important
Azure	CVE-2020-16984	Azure Sphere Unsigned Code Execution Vulnerability	Important
Azure	CVE-2020-16985	Azure Sphere 信息披露漏洞	Important
Azure	CVE-2020-16986	Azure Sphere 拒绝服务漏洞	Important
Azure	CVE-2020-16987	Azure Sphere Unsigned Code Execution Vulnerability	Important
Azure	CVE-2020-16989	Azure Sphere 权限提升漏洞	Important
Azure	CVE-2020-16990	Azure Sphere 信息披露漏洞	Important
Azure	CVE-2020-16991	Azure Sphere Unsigned Code Execution Vulnerability	Important
Azure	CVE-2020-16992	Azure Sphere 权限提升漏洞	Important
Azure	CVE-2020-16993	Azure Sphere 权限提升漏洞	Important
Azure	CVE-2020-16994	Azure Sphere Unsigned Code Execution Vulnerability	Important
Microsoft Dynamics	CVE-2020-17005	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	Important
Microsoft Dynamics	CVE-2020-17006	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	Important
Windows	CVE-2020-17007	Windows Error Reporting 权限提升漏洞	Important
Windows	CVE-2020-17010	Win32k 权限提升漏洞	Important
Windows	CVE-2020-17011	Windows Port Class Library 权限提升漏洞	Important
Windows	CVE-2020-17012	Windows Bind Filter Driver 权限提升漏洞	Important
Windows	CVE-2020-17013	Win32k 信息披露漏洞	Important
Windows	CVE-2020-17014	Windows Print Spooler 权限提升漏洞	Important
Microsoft Office	CVE-2020-17016	Microsoft SharePoint 欺骗漏洞	Important
Microsoft Office	CVE-2020-17017	Microsoft SharePoint 信息披露漏洞	Important
Microsoft Dynamics	CVE-2020-17018	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	Important
Microsoft Dynamics	CVE-2020-17021	Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability	Important
Windows	CVE-2020-17024	Windows Client Side Rendering Print Provider 权限提升漏洞	Important
Windows	CVE-2020-17025	Windows Remote Access 权限提升漏洞	Important
Windows	CVE-2020-17026	Windows Remote Access 权限提升漏洞	Important
Windows	CVE-2020-17027	Windows Remote Access 权限提升漏洞	Important
Windows	CVE-2020-17028	Windows Remote Access 权限提升漏洞	Important
Windows	CVE-2020-17029	Windows Canonical Display Driver 信息披露漏洞	Important
Windows	CVE-2020-17030	Windows MSCTF Server 信息披露漏洞	Important
Windows	CVE-2020-17031	Windows Remote Access 权限提升漏洞	Important
Windows	CVE-2020-17032	Windows Remote Access 权限提升漏洞	Important
Windows	CVE-2020-17033	Windows Remote Access 权限提升漏洞	Important
Windows	CVE-2020-17034	Windows Remote Access 权限提升漏洞	Important
Windows	CVE-2020-17035	Windows Kernel 权限提升漏洞	Important
Windows	CVE-2020-17036	Windows Function Discovery SSDP Provider 信息披露漏洞	Important
Windows	CVE-2020-17037	Windows WalletService 权限提升漏洞	Important
Windows	CVE-2020-17038	Win32k 权限提升漏洞	Important
Windows	CVE-2020-17040	Windows Hyper-V Security 功能绕过	Important
Windows	CVE-2020-17041	Windows Print Configuration 权限提升漏洞	Important
Windows	CVE-2020-17043	Windows Remote Access 权限提升漏洞	Important
Windows	CVE-2020-17044	Windows Remote Access 权限提升漏洞	Important
Windows	CVE-2020-17045	Windows KernelStream 信息披露漏洞	Important
Windows	CVE-2020-17047	Windows Network File System 拒绝服务漏洞	Important
Windows	CVE-2020-17049	Kerberos Security 功能绕过	Important
ChakraCore,Microsoft Edge	CVE-2020-17054	Chakra Scripting Engine 内存泄露漏洞	Important
Microsoft Office	CVE-2020-17060	Microsoft SharePoint 欺骗漏洞	Important
Microsoft Office	CVE-2020-17061	Microsoft SharePoint 远程代码执行漏洞	Important
Microsoft Office	CVE-2020-17062	Microsoft Office Access Connectivity Engine 远程代码执行漏洞	Important
Microsoft Office	CVE-2020-17063	Microsoft Office Online 欺骗漏洞	Important
Microsoft Office	CVE-2020-17064	Microsoft Excel 远程代码执行漏洞	Important
Microsoft Office	CVE-2020-17065	Microsoft Excel 远程代码执行漏洞	Important
Microsoft Office	CVE-2020-17066	Microsoft Excel 远程代码执行漏洞	Important
Microsoft Office	CVE-2020-17067	Microsoft Excel Security 功能绕过	Important
Windows	CVE-2020-17081	Microsoft Raw Image Extension 信息披露漏洞	Important
Exchange Server	CVE-2020-17083	Microsoft Exchange Server 远程代码执行漏洞	Important
Exchange Server	CVE-2020-17084	Microsoft Exchange Server 远程代码执行漏洞	Important
Exchange Server	CVE-2020-17085	Microsoft Exchange Server 拒绝服务漏洞	Important
Windows	CVE-2020-17086	Raw Image Extension 远程代码执行漏洞	Important
Visual Studio Code	CVE-2020-17104	Visual Studio Code JSHint Extension 远程代码执行漏洞	Important
Azure DevOps Server	CVE-2020-1325	Azure DevOps Server and Team Foundation Services 欺骗漏洞	Important
Microsoft Office	CVE-2020-17015	Microsoft SharePoint 欺骗漏洞	Low
Windows	CVE-2020-17046	Windows Error Reporting 拒绝服务漏洞	Low

   

3. 影响范围

以下为重点关注漏洞的受影响产品版本，其他漏洞影响产品范围请参阅官方通告链接。

漏洞编号	受影响产品版本
CVE-2020-17051	Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows Server, version 2004 (Server Core installation) Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems
CVE-2020-17056	Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems
CVE-2020-17087	Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems
CVE-2020-17042	Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems
CVE-2020-17061	Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Foundation 2010 Service Pack 2 Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2016
CVE-2020-17083 CVE-2020-17084	Microsoft Exchange Server 2019 Cumulative Update 6 Microsoft Exchange Server 2019 Cumulative Update 7 Microsoft Exchange Server 2016 Cumulative Update 17 Microsoft Exchange Server 2016 Cumulative Update 18 Microsoft Exchange Server 2013 Cumulative Update 23
CVE-2020-17040	Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 1903 for x64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1909 for x64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows 8.1 for x64-based systems Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 for x64-based Systems Windows 10 Version 20H2 for x64-based Systems

4. 修复建议

目前微软官方已针对受支持的产品版本发布了修复以上漏洞的安全补丁，强烈建议受影响用户尽快安装补丁进行防护。

官方通告链接：
https://msrc.microsoft.com/update-guide/en-us/releaseNote/2020-Nov

注：由于网络问题、计算机环境问题等原因，Windows Update的补丁更新可能出现失败。用户在安装补丁后，应及时检查补丁是否成功更新。右键点击Windows图标，选择“设置(N)”，选择“更新和安全”-“Windows更新”，查看该页面上的提示信息，也可点击“查看更新历史记录”查看历史更新情况。针对未成功安装的更新，可点击更新名称跳转到微软官方下载页面，建议用户点击该页面上的链接，转到“Microsoft更新目录”网站下载独立程序包并安装。