پشتیبانی 24/7 :

031-36691964 | 021-88203003

جستجو

انتشار وصله های سه شنبه مایکروسافت – نوامبر 2020

تیتر مطالب

روز سه شنبه، به روز رسانی امنیتی ماه نوامبر مایکروسافت منتشر شد.

در این به روزرسانی مایکروسافت، 112 آسیب پذیری موجود در محصولات خود را رفع نموده است. در این آسیب پذیری ها 17 مورد حیاتی و 93 مورد مهم وجود دارد که باید هر چه سریعتر نسبت به این دریافت و نصب این وصله ها اقدام نمود.

وصله آسیب پذیری Zero-day

آسیب پذیری Zero-day موجود با کدشناسایی CVE-2020-17087 در Windows Kernel Cryptography Driver (cng.sys)، رفع شده است. این آسیب پذیری هفته پیش توسط Google کشف شد که در حملاتی هدفمند از آن استفاده شده بود.

فهرست کامل به روزرسانی های ماه نوامبر 2020
Tag CVE ID CVE Title Severity
Azure DevOps CVE-2020-1325 Azure DevOps Server and Team Foundation Services Spoofing Vulnerability Important
Azure Sphere CVE-2020-16985 Azure Sphere Information Disclosure Vulnerability Important
Azure Sphere CVE-2020-16986 Azure Sphere Denial of Service Vulnerability Important
Azure Sphere CVE-2020-16987 Azure Sphere Unsigned Code Execution Vulnerability Important
Azure Sphere CVE-2020-16984 Azure Sphere Unsigned Code Execution Vulnerability Important
Azure Sphere CVE-2020-16981 Azure Sphere Elevation of Privilege Vulnerability Important
Azure Sphere CVE-2020-16982 Azure Sphere Unsigned Code Execution Vulnerability Important
Azure Sphere CVE-2020-16983 Azure Sphere Tampering Vulnerability Important
Azure Sphere CVE-2020-16988 Azure Sphere Elevation of Privilege Vulnerability Critical
Azure Sphere CVE-2020-16993 Azure Sphere Elevation of Privilege Vulnerability Important
Azure Sphere CVE-2020-16994 Azure Sphere Unsigned Code Execution Vulnerability Important
Azure Sphere CVE-2020-16970 Azure Sphere Unsigned Code Execution Vulnerability Important
Azure Sphere CVE-2020-16992 Azure Sphere Elevation of Privilege Vulnerability Important
Azure Sphere CVE-2020-16989 Azure Sphere Elevation of Privilege Vulnerability Important
Azure Sphere CVE-2020-16990 Azure Sphere Information Disclosure Vulnerability Important
Azure Sphere CVE-2020-16991 Azure Sphere Unsigned Code Execution Vulnerability Important
Common Log File System Driver CVE-2020-17088 Windows Common Log File System Driver Elevation of Privilege Vulnerability Important
Microsoft Browsers CVE-2020-17058 Microsoft Browser Memory Corruption Vulnerability Critical
Microsoft Dynamics CVE-2020-17005 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important
Microsoft Dynamics CVE-2020-17018 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important
Microsoft Dynamics CVE-2020-17021 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important
Microsoft Dynamics CVE-2020-17006 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Important
Microsoft Exchange Server CVE-2020-17083 Microsoft Exchange Server Remote Code Execution Vulnerability Important
Microsoft Exchange Server CVE-2020-17085 Microsoft Exchange Server Denial of Service Vulnerability Important
Microsoft Exchange Server CVE-2020-17084 Microsoft Exchange Server Remote Code Execution Vulnerability Important
Microsoft Graphics Component CVE-2020-16998 DirectX Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2020-17029 Windows Canonical Display Driver Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2020-17004 Windows Graphics Component Information Disclosure Vulnerability Important
Microsoft Graphics Component CVE-2020-17038 Win32k Elevation of Privilege Vulnerability Important
Microsoft Graphics Component CVE-2020-17068 Windows GDI+ Remote Code Execution Vulnerability Important
Microsoft Office CVE-2020-17065 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office CVE-2020-17064 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office CVE-2020-17066 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office CVE-2020-17019 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office CVE-2020-17067 Microsoft Excel Security Feature Bypass Vulnerability Important
Microsoft Office CVE-2020-17062 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability Important
Microsoft Office CVE-2020-17063 Microsoft Office Online Spoofing Vulnerability Important
Microsoft Office CVE-2020-17020 Microsoft Word Security Feature Bypass Vulnerability Important
Microsoft Office SharePoint CVE-2020-17016 Microsoft SharePoint Spoofing Vulnerability Important
Microsoft Office SharePoint CVE-2020-16979 Microsoft SharePoint Information Disclosure Vulnerability Important
Microsoft Office SharePoint CVE-2020-17015 Microsoft SharePoint Spoofing Vulnerability Low
Microsoft Office SharePoint CVE-2020-17017 Microsoft SharePoint Information Disclosure Vulnerability Important
Microsoft Office SharePoint CVE-2020-17061 Microsoft SharePoint Remote Code Execution Vulnerability Important
Microsoft Office SharePoint CVE-2020-17060 Microsoft SharePoint Spoofing Vulnerability Important
Microsoft Scripting Engine CVE-2020-17048 Chakra Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2020-17053 Internet Explorer Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2020-17052 Scripting Engine Memory Corruption Vulnerability Critical
Microsoft Scripting Engine CVE-2020-17054 Chakra Scripting Engine Memory Corruption Vulnerability Important
Microsoft Teams CVE-2020-17091 Microsoft Teams Remote Code Execution Vulnerability Important
Microsoft Windows CVE-2020-17032 Windows Remote Access Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17033 Windows Remote Access Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17026 Windows Remote Access Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17031 Windows Remote Access Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17027 Windows Remote Access Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17030 Windows MSCTF Server Information Disclosure Vulnerability Important
Microsoft Windows CVE-2020-17028 Windows Remote Access Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17044 Windows Remote Access Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17045 Windows KernelStream Information Disclosure Vulnerability Important
Microsoft Windows CVE-2020-17046 Windows Error Reporting Denial of Service Vulnerability Low
Microsoft Windows CVE-2020-17043 Windows Remote Access Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17042 Windows Print Spooler Remote Code Execution Vulnerability Critical
Microsoft Windows CVE-2020-17041 Windows Print Configuration Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17034 Windows Remote Access Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17049 Kerberos Security Feature Bypass Vulnerability Important
Microsoft Windows CVE-2020-17051 Windows Network File System Remote Code Execution Vulnerability Critical
Microsoft Windows CVE-2020-17040 Windows Hyper-V Security Feature Bypass Vulnerability Important
Microsoft Windows CVE-2020-17047 Windows Network File System Denial of Service Vulnerability Important
Microsoft Windows CVE-2020-17036 Windows Function Discovery SSDP Provider Information Disclosure Vulnerability Important
Microsoft Windows CVE-2020-17000 Remote Desktop Protocol Client Information Disclosure Vulnerability Important
Microsoft Windows CVE-2020-1599 Windows Spoofing Vulnerability Important
Microsoft Windows CVE-2020-16997 Remote Desktop Protocol Server Information Disclosure Vulnerability Important
Microsoft Windows CVE-2020-17001 Windows Print Spooler Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17057 Windows Win32k Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17056 Windows Network File System Information Disclosure Vulnerability Important
Microsoft Windows CVE-2020-17055 Windows Remote Access Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17010 Win32k Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17007 Windows Error Reporting Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17014 Windows Print Spooler Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17025 Windows Remote Access Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17024 Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17013 Win32k Information Disclosure Vulnerability Important
Microsoft Windows CVE-2020-17011 Windows Port Class Library Elevation of Privilege Vulnerability Important
Microsoft Windows CVE-2020-17012 Windows Bind Filter Driver Elevation of Privilege Vulnerability Important
Microsoft Windows Codecs Library CVE-2020-17106 HEVC Video Extensions Remote Code Execution Vulnerability Critical
Microsoft Windows Codecs Library CVE-2020-17101 HEIF Image Extensions Remote Code Execution Vulnerability Critical
Microsoft Windows Codecs Library CVE-2020-17105 AV1 Video Extension Remote Code Execution Vulnerability Critical
Microsoft Windows Codecs Library CVE-2020-17102 WebP Image Extensions Information Disclosure Vulnerability Important
Microsoft Windows Codecs Library CVE-2020-17082 Raw Image Extension Remote Code Execution Vulnerability Critical
Microsoft Windows Codecs Library CVE-2020-17086 Raw Image Extension Remote Code Execution Vulnerability Important
Microsoft Windows Codecs Library CVE-2020-17081 Microsoft Raw Image Extension Information Disclosure Vulnerability Important
Microsoft Windows Codecs Library CVE-2020-17079 Raw Image Extension Remote Code Execution Vulnerability Critical
Microsoft Windows Codecs Library CVE-2020-17078 Raw Image Extension Remote Code Execution Vulnerability Critical
Microsoft Windows Codecs Library CVE-2020-17107 HEVC Video Extensions Remote Code Execution Vulnerability Critical
Microsoft Windows Codecs Library CVE-2020-17110 HEVC Video Extensions Remote Code Execution Vulnerability Critical
Microsoft Windows Codecs Library CVE-2020-17113 Windows Camera Codec Information Disclosure Vulnerability Important
Microsoft Windows Codecs Library CVE-2020-17108 HEVC Video Extensions Remote Code Execution Vulnerability Critical
Microsoft Windows Codecs Library CVE-2020-17109 HEVC Video Extensions Remote Code Execution Vulnerability Critical
Visual Studio CVE-2020-17104 Visual Studio Code JSHint Extension Remote Code Execution Vulnerability Important
Visual Studio CVE-2020-17100 Visual Studio Tampering Vulnerability Important
Windows Defender CVE-2020-17090 Microsoft Defender for Endpoint Security Feature Bypass Vulnerability Important
Windows Kernel CVE-2020-17035 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2020-17087 Windows Kernel Local Elevation of Privilege Vulnerability Important
Windows NDIS CVE-2020-17069 Windows NDIS Information Disclosure Vulnerability Important
Windows Update Stack CVE-2020-17074 Windows Update Orchestrator Service Elevation of Privilege Vulnerability Important
Windows Update Stack CVE-2020-17073 Windows Update Orchestrator Service Elevation of Privilege Vulnerability Important
Windows Update Stack CVE-2020-17071 Windows Delivery Optimization Information Disclosure Vulnerability Important
Windows Update Stack CVE-2020-17075 Windows USO Core Worker Elevation of Privilege Vulnerability Important
Windows Update Stack CVE-2020-17070 Windows Update Medic Service Elevation of Privilege Vulnerability Important
Windows Update Stack CVE-2020-17077 Windows Update Stack Elevation of Privilege Vulnerability Important
Windows Update Stack CVE-2020-17076 Windows Update Orchestrator Service Elevation of Privilege Vulnerability Important
Windows WalletService CVE-2020-16999 Windows WalletService Information Disclosure Vulnerability Important
Windows WalletService CVE-2020-17037 Windows WalletService Elevation of Privilege Vulnerability Important

منبع :

https://www.bleepingcomputer.com