91猫先生

移到主要内容

【漏洞预警】微软释出115年5月份安全性更新

轉發 國家資安資訊分享與分析中心 資安訊息警訊 NISAC-200-202605-00000007
微软释出1155月份安全性更新,共修补139个漏洞,其中包含30个高风险漏洞与1个已遭利用之漏洞,请儘速确认并进行修补。
情资分享等级: WHITE(情资内容為可公开揭露之资讯)
此讯息仅发送到「区县市网路中心」,烦请贵单位协助转发与通知辖下各单位知悉
[
影响平台:]
【具高风险漏洞之产物】
ASP.NET Core
Azure AI Foundry M365 published agents
Azure Cloud Shell
Azure Connected Machine Agent
Azure DevOps
Azure Entra ID
Azure Logic Apps
Azure Machine Learning
Azure Managed Instance for Apache Cassandra
Azure Monitor Agent
Azure Notification Service
Azure SDK
Copilot Chat (Microsoft Edge)
Data Deduplication
Dynamics Business Central
GitHub Copilot and Visual Studio
M365 Copilot
M365 Copilot for Desktop
Microsoft Authenticator
Microsoft Data Formulator
Microsoft Dynamics 365 Customer Insights
Microsoft Dynamics 365 (on-premises)
Microsoft Edge (Chromium-based)
Microsoft Edge for Android
Microsoft Exchange Server
Microsoft Office
Microsoft Office Click-To-Run
Microsoft Office Excel
Microsoft Office PowerPoint
Microsoft Office SharePoint
Microsoft Office Word
Microsoft Partner Center
Microsoft SSO Plugin for Jira
Confluence
Microsoft Teams
Microsoft Windows DNS
.NET
Power Automate
SQL Server
Telnet Client
Visual Studio Code
Windows Admin Center
Windows Ancillary Function Driver for WinSock
Windows Application Identity (AppID) Subsystem
Windows Cloud Files Mini Filter Driver
Windows Common Log File System Driver
Windows Cryptographic Services
Windows DWM Core Library
Windows Event Logging Service
Windows Filtering Platform (WFP)
Windows GDI
Windows Hyper-V
Windows Internet Key Exchange (IKE) Protocol
Windows Kernel
Windows Kernel - Mode Drivers
Windows LDAP - Lightweight Directory Access Protocol
Windows LLDP
Windows Message Queuing
Windows Native WiFi Miniport Driver
Windows Netlogon
Windows Print Spooler Components
Windows Projected File System
Windows Remote Desktop
Windows Rich Text Edit
Windows Rich Text Edit Control
Windows Secure Boot
Windows SMB Client
Windows Storage Spaces Controller
Windows Storport Miniport Driver
Windows TCP/IP
Windows Telephony Service
Windows Volume Manager Extension Driver
Windows Win32K – GRFX
Windows Win32K - ICOMP
[
建议措施:]
目前微软官方已针对弱点释出修復版本,请各机关可联络系统维护厂商或参考以下连结:
[
参考资料:]
1.
(
此通报仅在於告知相关资讯,并非為资安事件),如果您对此通报的内容有疑问或有关於此事件的建议,欢迎与我们连络。
教育机构资安通报应变小组
网址:
专线电话:07-5250211
网路电话:98400000
E-Mail
service@cert.tanet.edu.tw