发布日期：2024-04-09
更新日期：2024-04-10

受影响系统：

Microsoft Microsoft Windows 10 22H2 for x64-based Systems
Microsoft Microsoft Windows 10 22H2 for ARM64-based Systems
Microsoft Microsoft Windows 10 22H2 for 32-bit Systems
Microsoft Microsoft Windows 10 21H2 for x64-based Systems
Microsoft Microsoft Windows 10 21H2 for ARM64-based Systems
Microsoft Microsoft Windows 10 21H2 for 32-bit Systems
Microsoft Microsoft Windows 10 1809 for x64-based Systems
Microsoft Microsoft Windows 10 1809 for ARM64-based Systems
Microsoft Microsoft Windows 10 1809 for 32-bit Systems
Microsoft Microsoft Windows 11 23H2 for x64-based Systems
Microsoft Microsoft Windows 11 23H2 for ARM64-based Systems
Microsoft Microsoft Windows 11 22H2 for x64-based Systems
Microsoft Microsoft Windows 11 22H2 for ARM64-based Systems
Microsoft Microsoft Windows 11 21H2 for x64-based Systems
Microsoft Microsoft Windows 11 21H2 for ARM64-based Systems
Microsoft Microsoft Windows Server 2022, 23H2 Edition (Server Cor
Microsoft Microsoft Windows Server 2022(Server Core installation)
Microsoft Microsoft Windows Server 2022
Microsoft Microsoft Windows Server 2019(Server Core installation)
Microsoft Microsoft Windows Server 2019

描述：

---

CVE(CAN) ID: CVE-2024-23594

EFI是可扩展固件接口，是联想公司推出的一种在未来的类PC的电脑系统中替代BIOS的升级方案。
Lenovo LenovoBT.efi存在堆栈缓冲区溢出漏洞，目前暂无漏洞细节提供。

<**>

建议：

---

厂商补丁：

Microsoft
---------
目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2024-23594

浏览次数：319
严重程度：0（网友投票）