漏洞背景

2019年8月14日微軟發布的安全更新中除了RDP漏洞還涵蓋了針對多個遠程代碼執行高危漏洞的修復。

• Microsoft Word遠程代碼執行漏洞， 漏洞編號CVE-2019-0585。
• Windows DHCP客戶端遠程代碼執行漏洞， 漏洞編號CVE-2019-0736。
• LNK遠程代碼執行漏洞，漏洞編號CVE-2019-1188。

漏洞詳情

• LNK遠程代碼執行漏洞CVE-2019-1188

這個LNK遠程代碼執行漏洞和之前Stuxnet利用的LNK漏洞及其繞過類似。如果系統處理了攻擊者準備的.LNK文件，則攻擊者可能可以遠程執行代碼。攻擊者可以通過可移動驅動器(如U盤)或者遠程共享的方式攻擊。

該漏洞影響下列版本的操作系統：

Windows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1709 for 64-based SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows 10 Version 1803 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows Server 2019Windows Server 2019 (Server Core installation)Windows Server, version 1803 (Server Core Installation)Windows Server, version 1903 (Server Core installation)

• Microsoft Word遠程代碼執行漏洞CVE-2019-0585

大多數word補丁被評為Important，但這一個被評為Critical。通常的word漏洞需要受害者在word中打開存在漏洞的word文檔。對于這個漏洞攻擊媒介是Outlook預覽窗格，因此攻擊者需要將準備的word文檔或者其鏈接通過電子郵件發送給受害者，如果受害者在Outlook預覽窗格中打開則可能利用此漏洞執行任意代碼。

該漏洞影響下列版本的office：

Microsoft Office 2010 Service Pack 2 (32-bit editions)Microsoft Office 2010 Service Pack 2 (64-bit editions)Microsoft Office 2016 for MacMicrosoft Office 2019 for 32-bit editionsMicrosoft Office 2019 for 64-bit editionsMicrosoft Office 2019 for MacMicrosoft Office Online ServerMicrosoft Office Web Apps 2010 Service Pack 2Microsoft Office Word ViewerMicrosoft SharePoint Enterprise Server 2013 Service Pack 1Microsoft SharePoint Enterprise Server 2016Microsoft SharePoint Server 2019Microsoft Word 2010 Service Pack 2 (32-bit editions)Microsoft Word 2010 Service Pack 2 (64-bit editions)Microsoft Word 2013 RT Service Pack 1Microsoft Word 2013 Service Pack 1 (32-bit editions)Microsoft Word 2013 Service Pack 1 (64-bit editions)Microsoft Word 2016 (32-bit edition)Microsoft Word 2016 (64-bit edition)Office 365 ProPlus for 32-bit SystemsOffice 365 ProPlus for 64-bit SystemsWord Automation Services

• Windows DHCP客戶端遠程代碼執行漏洞CVE-2019-0736

如果攻擊者向受影響的目標發送一個經過特殊設計的DHCP包，這個漏洞可能允許攻擊者執行任意代碼。這個過程不涉及用戶交互或身份驗證，理論上也是蠕蟲化的。

該漏洞影響下列版本的操作系統：

Windows 10 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 Version 1607 for x64-based SystemsWindows 10 Version 1703 for 32-bit SystemsWindows 10 Version 1703 for x64-based SystemsWindows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1709 for 64-based SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows 10 Version 1803 for x64-based SystemsWindows 7 for 32-bit Systems Service Pack 1Windows 7 for x64-based Systems Service Pack 1Windows 8.1 for 32-bit systemsWindows 8.1 for x64-based systemsWindows RT 8.1Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for Itanium-Based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2012Windows Server 2012 (Server Core installation)Windows Server 2012 R2Windows Server 2012 R2 (Server Core installation)Windows Server 2016Windows Server 2016 (Server Core installation)Windows Server, version 1803 (Server Core Installation)

修復建議

360安全大腦建議通過安裝360安全衛士進行一鍵更新。應及時進行Microsoft Windows版本更新并且保持Windows自動更新開啟，也可以通過下載參考鏈接中的軟件包，手動進行升級。

360官網_360安全衛士_360官方下載_360正版-360殺毒軟件下載?weishi.360.cn

總結

以上是生活随笔為你收集整理的js word 预览_微软补丁日：Word/DHCP/LNK远程代码执行漏洞预警的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。