微软1月补丁日回顾 | 新年新气象-安全客

微软发布1月份安全补丁，修复51个安全漏洞

微软在昨日例行更新中发布了1月份的安全补丁，修复了51个安全漏洞。其中有7个漏洞被标记为关键漏洞。

此次并没有出现已在野利用的漏洞，仅有一个漏洞是此前已披露的，这个漏洞是CVE-2019-0579。在9月的时候ZDI曾公开披露过这个漏洞（因为微软超过120天未修复漏洞），微软接着在10月的补丁日修复了这个漏洞，但仍有可以绕过的方式，此次则再次尝试Patch掉这个漏洞。

此前推特上疯狂丢0day的作者披露的漏洞暂还未修复完成，恐怕还需花些时日。

1月更新中几个重要的漏洞

CVE-2019-0550/0551 Hyper-V RCE漏洞

两个相似的漏洞，虽然归类为远程代码执行，但实际上是需要Guest权限下操作。近日360安全研究员因Hyper-V漏洞收获百万奖金，可见此类漏洞影响力与重要性。这两个漏洞同时也是去年Pwn2Own中用到的漏洞，并获得了25万美金奖励。

CVE-2019-0547 DHCP RCE漏洞

上次见到影响稍广的DHCP客户端漏洞是Linux上的CVE-2018-1111，差不多半年后Windows上也出现了类似的问题。此漏洞危害、利用评级非常高，被多家安全企业列入应用补丁的第一梯队。根据微软描述只需向客户端发送特殊的响应包即可触发漏洞，可能会遭到大规模的利用。

CVE-2019-0586 Exchange RCE漏洞

微软此次并未将其归类为关键漏洞，但此漏洞根据描述利用场景还是较为容易的，发送特殊的邮件即可在Exchange服务器System用户权限下实现代码执行。

漏洞列表

CVE	Title	Severity	Public	Exploit	XI – Latest	XI – Older	Type
CVE-2019-0579	Jet Database Engine Remote Code Execution Vulnerability	Important	Yes	No	3	3	RCE
CVE-2019-0539	Chakra Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A	RCE
CVE-2019-0568	Chakra Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A	RCE
CVE-2019-0567	Chakra Scripting Engine Memory Corruption Vulnerability	Critical	No	No	1	N/A	RCE
CVE-2019-0565	Microsoft Edge Memory Corruption Vulnerability	Critical	No	No	1	N/A	RCE
CVE-2019-0547	Windows DHCP Client Remote Code Execution Vulnerability	Critical	No	No	1	N/A	RCE
CVE-2019-0550	Windows Hyper-V Remote Code Execution Vulnerability	Critical	No	No	2	2	RCE
CVE-2019-0551	Windows Hyper-V Remote Code Execution Vulnerability	Critical	No	No	2	2	RCE
CVE-2019-0564	ASP.NET Core Denial of Service Vulnerability	Important	No	No	2	2	DoS
CVE-2019-0548	ASP.NET Core Denial of Service Vulnerability	Important	No	No	2	2	EoP
CVE-2019-0566	Microsoft Edge Elevation of Privilege Vulnerability	Important	No	No	1	N/A	EoP
CVE-2019-0562	Microsoft SharePoint Elevation of Privilege Vulnerability	Important	No	No	2	2	EoP
CVE-2019-0543	Microsoft Windows Elevation of Privilege Vulnerability	Important	No	No	1	1	EoP
CVE-2019-0555	Microsoft XmlDocument Elevation of Privilege Vulnerability	Important	No	No	1	1	EoP
CVE-2019-0552	Windows COM Elevation of Privilege Vulnerability	Important	No	No	1	1	EoP
CVE-2019-0571	Windows Data Sharing Service Elevation of Privilege Vulnerability	Important	No	No	2	2	EoP
CVE-2019-0572	Windows Data Sharing Service Elevation of Privilege Vulnerability	Important	No	No	1	1	EoP
CVE-2019-0573	Windows Data Sharing Service Elevation of Privilege Vulnerability	Important	No	No	1	1	EoP
CVE-2019-0574	Windows Data Sharing Service Elevation of Privilege Vulnerability	Important	No	No	1	1	EoP
CVE-2019-0570	Windows Runtime Elevation of Privilege Vulnerability	Important	No	No	2	2	EoP
CVE-2019-0545	ASP.NET Information Disclosure Vulnerability	Important	No	No	2	2	Info
CVE-2019-0560	Microsoft Office Information Disclosure Vulnerability	Important	No	No	2	2	Info
CVE-2019-0559	Microsoft Outlook Information Disclosure Vulnerability	Important	No	No	2	2	Info
CVE-2019-0537	Microsoft Visual Studio Information Disclosure Vulnerability	Important	No	No	2	2	Info
CVE-2019-0561	Microsoft Word Information Disclosure Vulnerability	Important	No	No	2	2	Info
CVE-2019-0536	Windows Kernel Information Disclosure Vulnerability	Important	No	No	2	2	Info
CVE-2019-0549	Windows Kernel Information Disclosure Vulnerability	Important	No	No	2	2	Info
CVE-2019-0554	Windows Kernel Information Disclosure Vulnerability	Important	No	No	2	2	Info
CVE-2019-0569	Windows Kernel Information Disclosure Vulnerability	Important	No	No	1	1	Info
CVE-2019-0553	Windows Subsystem for Linux Information Disclosure Vulnerability	Important	No	No	2	2	Info
CVE-2019-0541	Internet Explorer Remote Code Execution Vulnerability	Important	No	No	1	1	RCE
CVE-2019-0538	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No	3	3	RCE
CVE-2019-0575	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No	3	3	RCE
CVE-2019-0576	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No	3	3	RCE
CVE-2019-0577	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No	3	3	RCE
CVE-2019-0578	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No	3	3	RCE
CVE-2019-0580	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No	3	3	RCE
CVE-2019-0581	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No	3	3	RCE
CVE-2019-0582	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No	3	3	RCE
CVE-2019-0583	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No	3	3	RCE
CVE-2019-0584	Jet Database Engine Remote Code Execution Vulnerability	Important	No	No	3	3	RCE
CVE-2019-0588	Microsoft Exchange Information Disclosure Vulnerability	Important	No	No	2	2	RCE
CVE-2019-0586	Microsoft Exchange Memory Corruption Vulnerability	Important	No	No	1	1	RCE
CVE-2019-0585	Microsoft Word Remote Code Execution Vulnerability	Important	No	No	2	2	RCE
CVE-2019-0556	Microsoft Office SharePoint XSS Vulnerability	Important	No	No	2	2	XSS
CVE-2019-0557	Microsoft Office SharePoint XSS Vulnerability	Important	No	No	2	2	XSS
CVE-2019-0558	Microsoft Office SharePoint XSS Vulnerability	Important	No	No	2	2	XSS
CVE-2019-0622	Skype for Android Elevation of Privilege Vulnerability	Moderate	No	No	N/A	N/A	EoP
CVE-2019-0546	Visual Studio Remote Code Execution Vulnerability	Moderate	No	No	2	2	RCE