近日,微软官方发布了多个安全漏洞的公告,其中微软产品本身漏洞121个,影响到微软产品的其他厂商漏洞0个。微软Microsoft Windows、Microsoft Windows Routing and Remote Access Service、Microsoft Windows Kernel Mode Drivers、Microsoft ASP.NET Core等多个产品和系统受漏洞影响。目前,微软官方已经发布了漏洞修复补丁,建议用户及时确认是否受到漏洞影响,尽快采取修补措施。
一、 漏洞介绍
2025年4月8日,微软发布了2025年4月份安全更新,共121个漏洞的补丁程序,CNNVD对这些漏洞进行了收录。本次更新主要涵盖了Microsoft Windows 和 Windows 组件、Microsoft Windows Routing and Remote Access Service、Microsoft Windows Kernel Mode Drivers、Microsoft ASP.NET Core、Microsoft Windows Update Stack、Microsoft Windows Hello等。CNNVD对其危害等级进行了评价,其中高危漏洞98个,中危漏洞23个。微软多个产品和系统版本受漏洞影响,具体影响范围可访问微软官方网站查询:
https://portal.msrc.microsoft.com/zh-cn/security-guidance
二、漏洞详情
此次更新共121个漏洞的补丁程序,包括121个新增漏洞的补丁程序。
此次更新共包括121个新增漏洞的补丁程序,其中高危漏洞98个,中危漏洞23个。
序号 | 漏洞名称 | CNNVD编号 | CVE编号 | 危害等级 | 官方链接 |
1 | Microsoft Windows Standards-Based Storage Management Service 资源管理错误漏洞 | CNNVD-202504-1381 | CVE-2025-21174 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21174 |
2 | Microsoft Local Security Authority Server 安全漏洞 | CNNVD-202504-1393 | CVE-2025-21191 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21191 |
3 | Microsoft Windows Update Stack 后置链接漏洞 | CNNVD-202504-1405 | CVE-2025-21204 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21204 |
4 | Microsoft Windows Telephony Server 安全漏洞 | CNNVD-202504-1401 | CVE-2025-21205 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21205 |
5 | Microsoft Windows Telephony Server 安全漏洞 | CNNVD-202504-1407 | CVE-2025-21221 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21221 |
6 | Microsoft Windows Telephony Server 安全漏洞 | CNNVD-202504-1408 | CVE-2025-21222 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21222 |
7 | Microsoft DWM Core Library 输入验证错误漏洞 | CNNVD-202504-1406 | CVE-2025-24058 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24058 |
8 | Microsoft DWM Core Library 输入验证错误漏洞 | CNNVD-202504-1409 | CVE-2025-24060 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24060 |
9 | Microsoft DWM Core Library 输入验证错误漏洞 | CNNVD-202504-1410 | CVE-2025-24062 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24062 |
10 | Microsoft DWM Core Library 输入验证错误漏洞 | CNNVD-202504-1374 | CVE-2025-24073 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24073 |
11 | Microsoft DWM Core Library 输入验证错误漏洞 | CNNVD-202504-1367 | CVE-2025-24074 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24074 |
12 | Microsoft Azure 安全漏洞 | CNNVD-202504-1412 | CVE-2025-26628 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26628 |
13 | Microsoft Windows USB Print Driver 安全漏洞 | CNNVD-202504-1416 | CVE-2025-26639 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26639 |
14 | Microsoft Windows Digital Media 资源管理错误漏洞 | CNNVD-202504-1414 | CVE-2025-26640 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26640 |
15 | Microsoft Windows Cryptographic Services 资源管理错误漏洞 | CNNVD-202504-1417 | CVE-2025-26641 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26641 |
16 | Microsoft Office 输入验证错误漏洞 | CNNVD-202504-1418 | CVE-2025-26642 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26642 |
17 | Microsoft Windows Kerberos 输入验证错误漏洞 | CNNVD-202504-1420 | CVE-2025-26647 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26647 |
18 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202504-1422 | CVE-2025-26648 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26648 |
19 | Microsoft Windows Secure Channel 资源管理错误漏洞 | CNNVD-202504-1423 | CVE-2025-26649 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26649 |
20 | Microsoft Windows Standards-Based Storage Management Service 资源管理错误漏洞 | CNNVD-202504-1424 | CVE-2025-26652 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26652 |
21 | Microsoft Lightweight Directory Access Protocol(LDAP) 资源管理错误漏洞 | CNNVD-202504-1190 | CVE-2025-26663 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26663 |
22 | Microsoft Windows 安全漏洞 | CNNVD-202504-1193 | CVE-2025-26665 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26665 |
23 | Microsoft Windows Media Foundation 安全漏洞 | CNNVD-202504-1192 | CVE-2025-26666 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26666 |
24 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202504-1207 | CVE-2025-26668 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26668 |
25 | Microsoft Windows Routing and Remote Access Service 缓冲区错误漏洞 | CNNVD-202504-1194 | CVE-2025-26669 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26669 |
26 | Microsoft Lightweight Directory Access Protocol(LDAP) 资源管理错误漏洞 | CNNVD-202504-1425 | CVE-2025-26670 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26670 |
27 | Microsoft Windows Remote Desktop Services 安全漏洞 | CNNVD-202504-1426 | CVE-2025-26671 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26671 |
28 | Microsoft Lightweight Directory Access Protocol(LDAP) 资源管理错误漏洞 | CNNVD-202504-1429 | CVE-2025-26673 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26673 |
29 | Microsoft Windows Media Foundation 安全漏洞 | CNNVD-202504-1428 | CVE-2025-26674 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26674 |
30 | Microsoft Windows Subsystem for Linux(WSL) 缓冲区错误漏洞 | CNNVD-202504-1431 | CVE-2025-26675 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26675 |
31 | Microsoft Windows Defender Application Control(WDAC) 访问控制错误漏洞 | CNNVD-202504-1430 | CVE-2025-26678 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26678 |
32 | Microsoft Windows 资源管理错误漏洞 | CNNVD-202504-1433 | CVE-2025-26679 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26679 |
33 | Microsoft Windows Standards-Based Storage Management Service 资源管理错误漏洞 | CNNVD-202504-1213 | CVE-2025-26680 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26680 |
34 | Microsoft ASP.NET Core 安全漏洞 | CNNVD-202504-1434 | CVE-2025-26682 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26682 |
35 | Microsoft Windows TCP/IP 安全漏洞 | CNNVD-202504-1218 | CVE-2025-26686 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26686 |
36 | Microsoft Win32k 资源管理错误漏洞 | CNNVD-202504-1222 | CVE-2025-26687 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26687 |
37 | Microsoft Manage Virtual Hard Disks 安全漏洞 | CNNVD-202504-1225 | CVE-2025-26688 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26688 |
38 | Microsoft Windows Digital Media 资源管理错误漏洞 | CNNVD-202504-1452 | CVE-2025-27467 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27467 |
39 | Microsoft Lightweight Directory Access Protocol(LDAP) 资源管理错误漏洞 | CNNVD-202504-1453 | CVE-2025-27469 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27469 |
40 | Microsoft Windows Standards-Based Storage Management Service 资源管理错误漏洞 | CNNVD-202504-1236 | CVE-2025-27470 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27470 |
41 | Microsoft HTTP.sys 资源管理错误漏洞 | CNNVD-202504-1239 | CVE-2025-27473 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27473 |
42 | Microsoft Windows Update Stack 安全漏洞 | CNNVD-202504-1258 | CVE-2025-27475 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27475 |
43 | Microsoft Windows Digital Media 资源管理错误漏洞 | CNNVD-202504-1254 | CVE-2025-27476 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27476 |
44 | Microsoft Windows Telephony Server 安全漏洞 | CNNVD-202504-1262 | CVE-2025-27477 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27477 |
45 | Microsoft Local Security Authority Server 安全漏洞 | CNNVD-202504-1265 | CVE-2025-27478 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27478 |
46 | Microsoft Windows Kerberos 安全漏洞 | CNNVD-202504-1268 | CVE-2025-27479 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27479 |
47 | Microsoft Windows Remote Desktop Gateway(RD Gateway) 资源管理错误漏洞 | CNNVD-202504-1454 | CVE-2025-27480 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27480 |
48 | Microsoft Windows Telephony Server 安全漏洞 | CNNVD-202504-1456 | CVE-2025-27481 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27481 |
49 | Microsoft Windows Remote Desktop Gateway(RD Gateway) 安全漏洞 | CNNVD-202504-1458 | CVE-2025-27482 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27482 |
50 | Microsoft Windows NTFS 缓冲区错误漏洞 | CNNVD-202504-1459 | CVE-2025-27483 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27483 |
51 | Microsoft Windows UPnP 安全漏洞 | CNNVD-202504-1457 | CVE-2025-27484 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27484 |
52 | Microsoft Windows Standards-Based Storage Management Service 资源管理错误漏洞 | CNNVD-202504-1455 | CVE-2025-27485 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27485 |
53 | Microsoft Windows Standards-Based Storage Management Service 资源管理错误漏洞 | CNNVD-202504-1461 | CVE-2025-27486 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27486 |
54 | Microsoft Remote Desktop Client 安全漏洞 | CNNVD-202504-1460 | CVE-2025-27487 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27487 |
55 | Microsoft Azure 输入验证错误漏洞 | CNNVD-202504-1462 | CVE-2025-27489 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27489 |
56 | Microsoft Windows Bluetooth Service 安全漏洞 | CNNVD-202504-1463 | CVE-2025-27490 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27490 |
57 | Microsoft Hyper-V 资源管理错误漏洞 | CNNVD-202504-1464 | CVE-2025-27491 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27491 |
58 | Microsoft Windows Secure Channel 资源管理错误漏洞 | CNNVD-202504-1466 | CVE-2025-27492 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27492 |
59 | Microsoft Windows Installer 后置链接漏洞 | CNNVD-202504-1465 | CVE-2025-27727 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27727 |
60 | Microsoft Windows Kernel Mode Drivers 缓冲区错误漏洞 | CNNVD-202504-1468 | CVE-2025-27728 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27728 |
61 | Microsoft Windows Shell 资源管理错误漏洞 | CNNVD-202504-1467 | CVE-2025-27729 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27729 |
62 | Microsoft Windows Digital Media 资源管理错误漏洞 | CNNVD-202504-1470 | CVE-2025-27730 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27730 |
63 | Microsoft OpenSSH 输入验证错误漏洞 | CNNVD-202504-1469 | CVE-2025-27731 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27731 |
64 | Microsoft Win32k 安全漏洞 | CNNVD-202504-1471 | CVE-2025-27732 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27732 |
65 | Microsoft Windows NTFS 缓冲区错误漏洞 | CNNVD-202504-1472 | CVE-2025-27733 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27733 |
66 | Microsoft Windows 输入验证错误漏洞 | CNNVD-202504-1476 | CVE-2025-27737 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27737 |
67 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202504-1477 | CVE-2025-27739 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27739 |
68 | Microsoft Active Directory Certificate Services 安全漏洞 | CNNVD-202504-1272 | CVE-2025-27740 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27740 |
69 | Microsoft Windows NTFS 缓冲区错误漏洞 | CNNVD-202504-1275 | CVE-2025-27741 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27741 |
70 | Microsoft System Center Operations Manager 代码问题漏洞 | CNNVD-202504-1305 | CVE-2025-27743 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27743 |
71 | Microsoft Office 访问控制错误漏洞 | CNNVD-202504-1278 | CVE-2025-27744 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27744 |
72 | Microsoft Office 资源管理错误漏洞 | CNNVD-202504-1285 | CVE-2025-27745 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27745 |
73 | Microsoft Office 资源管理错误漏洞 | CNNVD-202504-1288 | CVE-2025-27746 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27746 |
74 | Microsoft Office 安全漏洞 | CNNVD-202504-1296 | CVE-2025-27747 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27747 |
75 | Microsoft Office 资源管理错误漏洞 | CNNVD-202504-1292 | CVE-2025-27748 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27748 |
76 | Microsoft Office 资源管理错误漏洞 | CNNVD-202504-1301 | CVE-2025-27749 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27749 |
77 | Microsoft Office 资源管理错误漏洞 | CNNVD-202504-1318 | CVE-2025-27750 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27750 |
78 | Microsoft Office 资源管理错误漏洞 | CNNVD-202504-1312 | CVE-2025-27751 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27751 |
79 | Microsoft Office 安全漏洞 | CNNVD-202504-1315 | CVE-2025-27752 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27752 |
80 | Microsoft Office 安全漏洞 | CNNVD-202504-1323 | CVE-2025-29791 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29791 |
81 | Microsoft Office 资源管理错误漏洞 | CNNVD-202504-1329 | CVE-2025-29792 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29792 |
82 | Microsoft Office Sharepoint Server 代码问题漏洞 | CNNVD-202504-1325 | CVE-2025-29793 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29793 |
83 | Microsoft SharePoint 授权问题漏洞 | CNNVD-202504-1334 | CVE-2025-29794 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29794 |
84 | Microsoft AutoUpdate for Mac 安全漏洞 | CNNVD-202504-1478 | CVE-2025-29800 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29800 |
85 | Microsoft AutoUpdate for Mac 安全漏洞 | CNNVD-202504-1479 | CVE-2025-29801 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29801 |
86 | Microsoft Visual Studio 代码问题漏洞 | CNNVD-202504-1480 | CVE-2025-29802 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29802 |
87 | Microsoft Visual Studio 安全漏洞 | CNNVD-202504-1491 | CVE-2025-29803 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29803 |
88 | Microsoft Visual Studio 访问控制错误漏洞 | CNNVD-202504-1481 | CVE-2025-29804 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29804 |
89 | Microsoft Outlook for Android 信息泄露漏洞 | CNNVD-202504-1482 | CVE-2025-29805 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29805 |
90 | Microsoft Windows Kerberos 安全漏洞 | CNNVD-202504-1484 | CVE-2025-29809 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29809 |
91 | Microsoft Active Directory Domain Services 访问控制错误漏洞 | CNNVD-202504-1486 | CVE-2025-29810 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29810 |
92 | Microsoft Windows Mobile Broadband Driver 安全漏洞 | CNNVD-202504-1487 | CVE-2025-29811 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29811 |
93 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202504-1485 | CVE-2025-29812 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29812 |
94 | Microsoft Office 安全漏洞 | CNNVD-202504-1488 | CVE-2025-29816 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29816 |
95 | Microsoft Office 资源管理错误漏洞 | CNNVD-202504-1345 | CVE-2025-29820 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29820 |
96 | Microsoft Office 安全漏洞 | CNNVD-202504-1351 | CVE-2025-29822 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29822 |
97 | Microsoft Office 资源管理错误漏洞 | CNNVD-202504-1355 | CVE-2025-29823 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29823 |
98 | Microsoft Windows Common Log File System Driver 资源管理错误漏洞 | CNNVD-202504-1361 | CVE-2025-29824 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29824 |
99 | Microsoft Visual Studio Code 安全漏洞 | CNNVD-202504-1525 | CVE-2025-20570 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-20570 |
100 | Microsoft Windows NTFS 访问控制错误漏洞 | CNNVD-202504-1386 | CVE-2025-21197 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21197 |
101 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202504-1404 | CVE-2025-21203 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21203 |
102 | Microsoft Azure 日志信息泄露漏洞 | CNNVD-202504-1411 | CVE-2025-25002 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-25002 |
103 | Microsoft Windows Hello 安全漏洞 | CNNVD-202504-1413 | CVE-2025-26635 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26635 |
104 | Microsoft Windows BitLocker 安全漏洞 | CNNVD-202504-1415 | CVE-2025-26637 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26637 |
105 | Microsoft Windows Hello 安全漏洞 | CNNVD-202504-1419 | CVE-2025-26644 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26644 |
106 | Microsoft Windows 安全漏洞 | CNNVD-202504-1421 | CVE-2025-26651 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26651 |
107 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202504-1191 | CVE-2025-26664 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26664 |
108 | Microsoft Windows Routing and Remote Access Service 信息泄露漏洞 | CNNVD-202504-1197 | CVE-2025-26667 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26667 |
109 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202504-1427 | CVE-2025-26672 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26672 |
110 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202504-1432 | CVE-2025-26676 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26676 |
111 | Microsoft Win32k 资源管理错误漏洞 | CNNVD-202504-1210 | CVE-2025-26681 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26681 |
112 | Microsoft Streaming Service 安全漏洞 | CNNVD-202504-1231 | CVE-2025-27471 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27471 |
113 | Microsoft Windows 安全漏洞 | CNNVD-202504-1247 | CVE-2025-27472 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27472 |
114 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202504-1251 | CVE-2025-27474 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27474 |
115 | Microsoft Windows Virtualization-Based Security Enclave 数据伪造问题漏洞 | CNNVD-202504-1474 | CVE-2025-27735 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27735 |
116 | Microsoft Windows Power Dependency Coordinator 信息泄露漏洞 | CNNVD-202504-1473 | CVE-2025-27736 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27736 |
117 | Microsoft Windows Resilient File System(ReFS) 访问控制错误漏洞 | CNNVD-202504-1475 | CVE-2025-27738 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27738 |
118 | Microsoft Windows NTFS 缓冲区错误漏洞 | CNNVD-202504-1282 | CVE-2025-27742 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-27742 |
119 | Microsoft Windows Cryptographic Services 安全漏洞 | CNNVD-202504-1483 | CVE-2025-29808 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29808 |
120 | Microsoft Azure 安全漏洞 | CNNVD-202504-1490 | CVE-2025-29819 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29819 |
121 | Microsoft Dynamics Business Central 输入验证错误漏洞 | CNNVD-202504-1339 | CVE-2025-29821 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29821 |
三、修复建议
目前,微软官方已经发布补丁修复了上述漏洞,建议用户及时确认漏洞影响,尽快采取修补措施。微软官方补丁下载地址:
https://msrc.microsoft.com/update-guide/en-us
CNNVD将继续跟踪上述漏洞的相关情况,及时发布相关信息。如有需要,可与CNNVD联系。联系方式: cnnvd@itsec.gov.cn
(转自国家信息安全漏洞库)
一审:易四兰
二审:李振华
三审:汪绍荣