安全研究
安全漏洞
Microsoft Office信息泄露漏洞(CVE-2020-1445)
发布日期:2020-07-14
更新日期:2020-08-10
受影响系统:Microsoft Office Office Web Apps 2013 Service P
Microsoft Office Office Web Apps 2010 Service P
Microsoft Office Office Online Server
Microsoft Office 2019 for Mac
Microsoft Office 2019 for 64-bit editions
Microsoft Office 2019 for 32-bit editions
Microsoft Office 2016 for Mac
Microsoft Office 2010 (64-bit edition) SP2
Microsoft Office 2010 (32-bit edition) SP2
Microsoft Word 2016 (64-bit edition)
Microsoft Word 2016 (32-bit edition)
Microsoft Word 2013 Service Pack 1 (64-bit ed
Microsoft Word 2013 Service Pack 1 (32-bit ed
Microsoft Word 2013 RT SP1
Microsoft Word 2010 Service Pack 2 (64-bit ed
Microsoft Word 2010 Service Pack 2 (32-bit ed
Microsoft SharePoint Server 2019
Microsoft SharePoint Foundation 2010 Service Pack 2
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Enterprise Server 2013 Service
Microsoft 365 Apps for Enterprise 64-bit Systems
Microsoft 365 Apps for Enterprise 32-bit Systems
描述:
CVE(CAN) ID:
CVE-2020-1445
Microsoft Office是美国微软(Microsoft)公司的一款办公软件套件产品。
Microsoft Office存在信息泄露漏洞。攻击者可利用该漏洞借助特制的文档文件访问敏感信息,进一步破坏用户的计算机或数据。以下产品及版本受到影响:Microsoft 365 Apps for Enterprise、Office 2010 SP2、Office 2016 for Mac、Office 2019、Office 2019 for Mac、Office Online Server,Office Web Apps 2010 SP2、Office Web Apps 2013 SP1、SharePoint Enterprise Server 2013 SP1、SharePoint Enterprise Server 2016、SharePoint Server 2010 SP2、SharePoint Server 2019、Word 2010 SP2、Word 2013 RT SP1、Word 2013 SP1、Word 2016版本。
<*来源:Haifei Li(McAfee IPS Security Research Team)
*>
建议:
厂商补丁:
Microsoft
---------
目前厂商已发布升级补丁以修复漏洞,补丁获取链接:
https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-1445浏览次数:743
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障 |
