有孚云官网

【漏洞通告】关于2021年3月微软多个产品高危漏洞通告

2021.3.15

摘要

近日，微软官方发布了多个安全漏洞的公告，包括InternetExplorer安全漏洞（CNNVD-202103-644、CVE-2021-27085）、MicrosoftSharePoint Server 安全漏洞（CNNVD-202103-642、CVE-2021-27076）等多个漏洞。成功利用上述漏洞的攻击者可以在目标系统上执行任意代码、获取用户数据，提升权限等。微软多个产品和系统受漏洞影响。目前，微软官方已经发布漏洞修复补丁，建议用户及时确认是否受到漏洞影响，尽快采取修补措施。

一、漏洞介绍

2021年3月10日，微软发布了2021年3月份安全更新，共82个漏洞的补丁程序，CNNVD对这些漏洞进行了收录。本次更新主要涵盖了Windows操作系统、Azure、IE和Edge、Exchange Server、Office、SharePoint Server，Visual Studio等多个Windows平台下应用软件和组件。CNNVD对其危害等级进行了评价，其中包括7个超危漏洞，64个高危漏洞。微软多个产品和系统版本受漏洞影响，具体影响范围可访问https://portal.msrc.microsoft.com/zh-cn/security-guidance查询。

二、重点漏洞简述

根据产品流行度和漏洞重要性筛选出此次更新中包含影响较大的漏洞，请相关用户重点进行关注：

Internet Explorer 内存泄露漏洞（CVE-2021-26411）：

Internet Explorer在处理DOM对象时，存在一处double free漏洞，攻击者通过诱导用户点击恶意链接或文件进行触发，可导致远程代码执行，从而取得目标系统的控制权限。该漏洞曾被黑客组织用于针对专业安全研究者的APT攻击，目前漏洞细节已公开。
官方通告链接：https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26411

Windows Hyper-V 远程代码执行漏洞（CVE-2021-26867）：

使用了Plan-9平台配置的 Hyper-V虚拟客户端存在一个严重漏洞，经过身份验证的攻击者可在Hyper-V服务器上执行任意代码。
官方通告链接：https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26867

Windows DNS Server 远程代码执行漏洞（CVE-2021-26897）：

Windows DNS Server存在一个严重的远程代码执行漏洞，攻击者通过向目标主机发送特制的请求，可在目标主机上以system权限执行任意代码。启用安全区域更新可部分缓解此漏洞，但攻击者依然可以通过加入域的计算机攻击启用了安全区域更新的DNS服务器。目前该漏洞细节已公开。
官方通告链接：https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-26897

Microsoft SharePoint Server 远程代码执行漏洞（CVE-2021-27076）：

Microsoft SharePoint Server存在远程代码执行漏洞。攻击者需要可以使用SharePoint服务器创建或修改网站，经过身份认证的攻击者可构造恶意数据执行反序列化攻击执行任意命令，从而获取服务器最高权限。
官方通告链接：https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-27076

Windows Win32k 权限提升漏洞（CVE-2021-27077）：

Windows内核模式驱动对内存对象处理不当导致的权限提升漏洞，经过身份验证的本地攻击者可利用此漏洞在目标系统上提升其权限以执行任意代码。目前已有漏洞细节披露。
官方通告链接：https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-27077

以下为重点关注漏洞的受影响产品版本，其他漏洞影响产品范围请参阅官方通告链接。

漏洞编号	受影响产品版本
CVE-2021-26411	Microsoft Edge (EdgeHTML-based)： Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems
	Internet Explorer 11： Windows Server 2016 Windows Server 2012 R2 Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems
	Internet Explorer 9： Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2
CVE-2021-26867	Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1909 for x64-based Systems
CVE-2021-26897	Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server, version 2004 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server 2019 (Server Core installation) Windows Server 2019 Windows Server, version 20H2 (Server Core Installation)
CVE-2021-27076	Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft Business Productivity Servers 2010 Service Pack 2 Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2016
CVE-2021-27077	Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2

三、漏洞详情

此次更新共包括82个漏洞的补丁程序，其中7个超危漏洞，64个高危漏洞。

序号	漏洞名称	CNNVD编号	CVE编号	危害等级	官方链接
1	Windows DNS 服务器安全漏洞	CNNVD-202103-615	CVE-2021-26897	超危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26897
2	Microsoft Windows DNS 服务器安全漏洞	CNNVD-202103-613	CVE-2021-26895	超危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26895
3	Microsoft Windows DNS 服务器安全漏洞	CNNVD-202103-618	CVE-2021-26894	超危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26894
4	Microsoft Windows DNS 服务器安全漏洞	CNNVD-202103-612	CVE-2021-26893	超危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26893
5	Microsoft Windows安全漏洞	CNNVD-202103-607	CVE-2021-26877	超危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26877
6	Windows Hyper-V安全漏洞	CNNVD-202103-597	CVE-2021-26867	超危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26867
7	Microsoft Azure Sphere 安全漏洞	CNNVD-202103-580	CVE-2021-27080	超危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27080
8	Microsoft Internet Explorer 安全漏洞	CNNVD-202103-644	CVE-2021-27085	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27085
9	Microsoft Visual Studio Code 安全漏洞	CNNVD-202103-643	CVE-2021-27084	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27084
10	Microsoft SharePoint Server 安全漏洞	CNNVD-202103-642	CVE-2021-27076	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27076
11	Microsoft Git for Visual Studio 安全漏洞	CNNVD-202103-640	CVE-2021-21300	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21300
12	Microsoft Windows DNS 服务器安全漏洞	CNNVD-202103-637	CVE-2021-27063	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27063
13	Microsoft HEVC Video 扩展程序安全漏洞	CNNVD-202103-638	CVE-2021-27062	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27062
14	Microsoft HEVC Video 扩展程序安全漏洞	CNNVD-202103-636	CVE-2021-27061	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27061
15	Microsoft Office 安全漏洞	CNNVD-202103-635	CVE-2021-27059	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27059
16	Microsoft Office ClickToRun 安全漏洞	CNNVD-202103-634	CVE-2021-27058	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27058
17	Microsoft Office 安全漏洞	CNNVD-202103-633	CVE-2021-27057	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27057
18	Microsoft PowerPoint 安全漏洞	CNNVD-202103-631	CVE-2021-27056	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27056
19	Microsoft Visio 安全漏洞	CNNVD-202103-632	CVE-2021-27055	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27055
20	Microsoft Excel 安全漏洞	CNNVD-202103-630	CVE-2021-27054	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27054
21	Microsoft Excel 安全漏洞	CNNVD-202103-629	CVE-2021-27053	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27053
22	Microsoft HEVC Video 扩展程序安全漏洞	CNNVD-202103-627	CVE-2021-27051	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27051
23	Microsoft HEVC Video 扩展程序安全漏洞	CNNVD-202103-626	CVE-2021-27050	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27050
24	Microsoft HEVC Video 扩展程序安全漏洞	CNNVD-202103-624	CVE-2021-27049	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27049
25	Microsoft HEVC Video 安全漏洞	CNNVD-202103-641	CVE-2021-27048	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27048
26	Microsoft HEVC Video 扩展程序安全漏洞	CNNVD-202103-623	CVE-2021-27047	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27047
27	Microsoft HEVC Video 扩展程序安全漏洞	CNNVD-202103-625	CVE-2021-26902	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26902
28	Windows事件跟踪安全漏洞	CNNVD-202103-622	CVE-2021-26901	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26901
29	Microsoft Windows Wink 安全漏洞	CNNVD-202103-621	CVE-2021-26900	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26900
30	Microsoft Windows UPnP 设备主机安全漏洞	CNNVD-202103-619	CVE-2021-26899	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26899
31	Microsoft Windows安全漏洞	CNNVD-202103-617	CVE-2021-26898	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26898
32	Microsoft Windows DNS 服务器安全漏洞	CNNVD-202103-616	CVE-2021-26896	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26896
33	Microsoft Windows容器执行代理安全漏洞	CNNVD-202103-650	CVE-2021-26891	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26891
34	Microsoft Application Virtualization 安全漏洞	CNNVD-202103-651	CVE-2021-26890	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26890
35	Microsoft Windows Update Stack 安全漏洞	CNNVD-202103-649	CVE-2021-26889	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26889
36	Microsoft Windows安全漏洞	CNNVD-202103-648	CVE-2021-26887	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26887
37	Microsoft Windows WalletService 安全漏洞	CNNVD-202103-646	CVE-2021-26885	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26885
38	Microsoft Windows安全漏洞	CNNVD-202103-614	CVE-2021-26882	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26882
39	Microsoft Windows Media Foundation安全漏洞	CNNVD-202103-610	CVE-2021-26881	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26881
40	Microsoft Windows安全漏洞	CNNVD-202103-620	CVE-2021-26880	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26880
41	Microsoft Windows NAT 安全漏洞	CNNVD-202103-609	CVE-2021-26879	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26879
42	Microsoft Windows打印后台处理程序安全漏洞	CNNVD-202103-608	CVE-2021-26878	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26878
43	Microsoft OpenType字体分析安全漏洞	CNNVD-202103-606	CVE-2021-26876	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26876
44	Microsoft Windows Win32k 安全漏洞	CNNVD-202103-605	CVE-2021-26875	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26875
45	Microsoft Windows覆盖筛选器安全漏洞	CNNVD-202103-604	CVE-2021-26874	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26874
46	Microsoft Windows User Profile Service安全漏洞	CNNVD-202103-602	CVE-2021-26873	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26873
47	Windows安全漏洞	CNNVD-202103-603	CVE-2021-26872	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26872
48	Windows安全漏洞	CNNVD-202103-600	CVE-2021-26871	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26871
49	Microsoft Windows投影文件系统安全漏洞	CNNVD-202103-601	CVE-2021-26870	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26870
50	Microsoft Windows图形组件安全漏洞	CNNVD-202103-598	CVE-2021-26868	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26868
51	Microsoft Windows Update 服务安全漏洞	CNNVD-202103-596	CVE-2021-26866	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26866
52	Microsoft Windows容器执行代理安全漏洞	CNNVD-202103-595	CVE-2021-26865	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26865
53	Microsoft Windows虚拟注册表提供程序安全漏洞	CNNVD-202103-594	CVE-2021-26864	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26864
54	Microsoft Windows Win32k 安全漏洞	CNNVD-202103-593	CVE-2021-26863	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26863
55	Microsoft Windows图形组件安全漏洞	CNNVD-202103-591	CVE-2021-26861	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26861
56	Microsoft Windows App-V 覆盖筛选器安全漏洞	CNNVD-202103-589	CVE-2021-26860	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26860
57	Microsoft Power BI信息泄漏漏洞	CNNVD-202103-590	CVE-2021-26859	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26859
58	Microsoft HEVC Video 扩展程序安全漏洞	CNNVD-202103-587	CVE-2021-24110	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24110
59	Microsoft Windows错误报告安全漏洞	CNNVD-202103-584	CVE-2021-24090	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24090
60	Microsoft HEVC Video 安全漏洞	CNNVD-202103-585	CVE-2021-24089	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24089
61	Visual Studio Code安全漏洞	CNNVD-202103-582	CVE-2021-27083	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27083
62	Microsoft Visual Studio Code 安全漏洞	CNNVD-202103-583	CVE-2021-27082	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27082
63	Microsoft Visual Studio Code ESLint 安全漏洞	CNNVD-202103-581	CVE-2021-27081	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27081
64	Microsoft Windows Win32k 安全漏洞	CNNVD-202103-579	CVE-2021-27077	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27077
65	Windows 10 安全漏洞	CNNVD-202103-575	CVE-2021-27070	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27070
66	Visual Studio Code安全漏洞	CNNVD-202103-576	CVE-2021-27060	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27060
67	Microsoft Internet Explorer 安全漏洞	CNNVD-202103-574	CVE-2021-26411	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26411
68	Microsoft Office 安全漏洞	CNNVD-202103-573	CVE-2021-24108	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24108
69	Microsoft DirectX 安全漏洞	CNNVD-202103-572	CVE-2021-24095	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24095
70	Microsoft Windows Update Stack 安装程序安全漏洞	CNNVD-202103-571	CVE-2021-1729	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1729
71	Microsoft Windows打印后台处理程序安全漏洞	CNNVD-202103-570	CVE-2021-1640	高危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1640
72	Microsoft Windows管理中心安全功能安全漏洞	CNNVD-202103-639	CVE-2021-27066	中危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27066
73	Microsoft SharePoint Server 信息泄露漏洞	CNNVD-202103-628	CVE-2021-27052	中危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27052
74	Microsoft Windows可扩展固件接口安全漏洞	CNNVD-202103-611	CVE-2021-26892	中危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26892
75	Microsoft User Profile Service安全漏洞	CNNVD-202103-647	CVE-2021-26886	中危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26886
76	Microsoft Windows Media 照片编解码器信息泄漏漏洞	CNNVD-202103-645	CVE-2021-26884	中危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26884
77	Microsoft Windows ActiveX 安装程序服务信息泄露漏洞	CNNVD-202103-599	CVE-2021-26869	中危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26869
78	Microsoft Windows Installer 安全漏洞	CNNVD-202103-592	CVE-2021-26862	中危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26862
79	Windows信息泄露漏洞	CNNVD-202103-588	CVE-2021-24107	中危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24107
80	Microsoft SharePoint 安全漏洞	CNNVD-202103-586	CVE-2021-24104	中危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24104
81	Microsoft Windows虚拟机信息泄露漏洞	CNNVD-202103-578	CVE-2021-27075	中危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27075
82	Microsoft Azure Sphere 安全漏洞	CNNVD-202103-577	CVE-2021-27074	中危	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27074

四、修复建议

目前，微软官方已经发布补丁修复了上述漏洞，建议用户及时确认漏洞影响，尽快采取修补措施。
微软官方补丁下载地址：https://msrc.microsoft.com/update-guide/en-us

上一篇: 【漏洞通告】关于2021年2月微软多个产品高危漏洞通告下一篇: 【漏洞通告】2021年4月关于微软多个产品高危漏洞通告

关于我们

有孚云是上海有孚网络股份有限公司基于22年+数据中心服务经验，承载企业 IT 的核心基础设施，打造致力于为企业提供高可用、高品质的云计算产品和服务平台。

发展历程