【漏洞通报】CNNVD关于微软多个安全漏洞的通报
发布时间:2025-07-10 16:06:08
近日,微软官方发布了多个安全漏洞的公告,其中微软产品本身漏洞135个,影响到微软产品的其他厂商漏洞10个。微软Microsoft Windows、Microsoft Windows Event Tracing、Microsoft Universal Print Management Service、Microsoft Windows Secure Kernel Mode等多个产品和系统受漏洞影响。目前,微软官方已经发布了漏洞修复补丁,建议用户及时确认是否受到漏洞影响,尽快采取修补措施。
一、 漏洞介绍
2025年7月8日,微软发布了2025年7月份安全更新,共145个漏洞的补丁程序,CNNVD对这些漏洞进行了收录。本次更新主要涵盖了Microsoft Windows 和 Windows 组件、Microsoft Windows Event Tracing、Microsoft Universal Print Management Service、Microsoft Windows Secure Kernel Mode、Microsoft Windows Remote Desktop Licensing Service、Microsoft Windows Shell等。CNNVD对其危害等级进行了评价,其中超危漏洞1个,高危漏洞103个,中危漏洞38个,低危漏洞3个。微软多个产品和系统版本受漏洞影响,具体影响范围可访问微软官方网站查询:
https://portal.msrc.microsoft.com/zh-cn/security-guidance
二、漏洞详情
此次更新共145个漏洞的补丁程序,包括128个新增漏洞的补丁程序、7个更新漏洞的补丁程序和10个影响微软产品的其他厂商漏洞的补丁程序。
此次更新共包括128个新增漏洞的补丁程序,其中超危漏洞1个,高危漏洞97个,中危漏洞27个,低危漏洞3个。
| 序号 | 漏洞名称 | CNNVD编号 | CVE编号 | 危害等级 | 官方链接 |
| 1 | Microsoft SPNEGO Extended Negotiation 安全漏洞 | CNNVD-202507-1065 | CVE-2025-47981 | 超危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47981 |
| 2 | Microsoft Remote Desktop Client 安全漏洞 | CNNVD-202507-881 | CVE-2025-33054 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33054 |
| 3 | Microsoft Windows Virtualization-Based Security Enclave 安全漏洞 | CNNVD-202507-883 | CVE-2025-47159 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47159 |
| 4 | Microsoft Configuration Manager SQL注入漏洞 | CNNVD-202507-1059 | CVE-2025-47178 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47178 |
| 5 | Microsoft Virtual Hard Disk 安全漏洞 | CNNVD-202507-890 | CVE-2025-47971 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47971 |
| 6 | Microsoft Input Method Editor 竞争条件问题漏洞 | CNNVD-202507-893 | CVE-2025-47972 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47972 |
| 7 | Microsoft Virtual Hard Disks 安全漏洞 | CNNVD-202507-1061 | CVE-2025-47973 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47973 |
| 8 | Microsoft Windows SSDP 资源管理错误漏洞 | CNNVD-202507-1063 | CVE-2025-47975 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47975 |
| 9 | Microsoft Windows SSDP 资源管理错误漏洞 | CNNVD-202507-897 | CVE-2025-47976 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47976 |
| 10 | Microsoft Windows 安全漏洞 | CNNVD-202507-1067 | CVE-2025-47982 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47982 |
| 11 | Microsoft Windows GDI+ 安全漏洞 | CNNVD-202507-900 | CVE-2025-47984 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47984 |
| 12 | Microsoft Windows Event Tracing 安全漏洞 | CNNVD-202507-907 | CVE-2025-47985 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47985 |
| 13 | Microsoft Universal Print Management Service 资源管理错误漏洞 | CNNVD-202507-915 | CVE-2025-47986 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47986 |
| 14 | Microsoft Windows 安全漏洞 | CNNVD-202507-921 | CVE-2025-47987 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47987 |
| 15 | Microsoft Azure Monitor 代码注入漏洞 | CNNVD-202507-1070 | CVE-2025-47988 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47988 |
| 16 | Microsoft Input Method Editor 资源管理错误漏洞 | CNNVD-202507-983 | CVE-2025-47991 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47991 |
| 17 | Microsoft PC Manager 访问控制错误漏洞 | CNNVD-202507-987 | CVE-2025-47993 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47993 |
| 18 | Microsoft Office 代码问题漏洞 | CNNVD-202507-989 | CVE-2025-47994 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47994 |
| 19 | Microsoft Windows 数字错误漏洞 | CNNVD-202507-1073 | CVE-2025-47996 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47996 |
| 20 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202507-1072 | CVE-2025-47998 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47998 |
| 21 | Microsoft Windows 资源管理错误漏洞 | CNNVD-202507-1074 | CVE-2025-48000 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48000 |
| 22 | Microsoft Windows Update 后置链接漏洞 | CNNVD-202507-1080 | CVE-2025-48799 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48799 |
| 23 | Microsoft MPEG-2 Video Extension 安全漏洞 | CNNVD-202507-1086 | CVE-2025-48805 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48805 |
| 24 | Microsoft MPEG-2 Video Extension 资源管理错误漏洞 | CNNVD-202507-1085 | CVE-2025-48806 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48806 |
| 25 | Microsoft Windows Remote Desktop Licensing Service 访问控制错误漏洞 | CNNVD-202507-1090 | CVE-2025-48814 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48814 |
| 26 | Microsoft Windows SSDP 安全漏洞 | CNNVD-202507-1091 | CVE-2025-48815 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48815 |
| 27 | Microsoft Windows 输入验证错误漏洞 | CNNVD-202507-1092 | CVE-2025-48816 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48816 |
| 28 | Microsoft Remote Desktop Client 安全漏洞 | CNNVD-202507-1094 | CVE-2025-48817 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48817 |
| 29 | Microsoft Windows UPnP 安全漏洞 | CNNVD-202507-1093 | CVE-2025-48819 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48819 |
| 30 | Microsoft Windows AppX Deployment Service 后置链接漏洞 | CNNVD-202507-1096 | CVE-2025-48820 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48820 |
| 31 | Microsoft Windows UPnP 资源管理错误漏洞 | CNNVD-202507-1098 | CVE-2025-48821 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48821 |
| 32 | Microsoft Hyper-V 缓冲区错误漏洞 | CNNVD-202507-1097 | CVE-2025-48822 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48822 |
| 33 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202507-923 | CVE-2025-48824 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48824 |
| 34 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202507-927 | CVE-2025-49657 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49657 |
| 35 | Microsoft Windows 安全漏洞 | CNNVD-202507-1100 | CVE-2025-49659 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49659 |
| 36 | Microsoft Windows Event Tracing 资源管理错误漏洞 | CNNVD-202507-1101 | CVE-2025-49660 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49660 |
| 37 | Microsoft Windows Ancillary Function Driver for WinSock 安全漏洞 | CNNVD-202507-932 | CVE-2025-49661 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49661 |
| 38 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202507-1103 | CVE-2025-49663 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49663 |
| 39 | Microsoft Windows 资源管理错误漏洞 | CNNVD-202507-1102 | CVE-2025-49665 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49665 |
| 40 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202507-1104 | CVE-2025-49666 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49666 |
| 41 | Microsoft Win32k 资源管理错误漏洞 | CNNVD-202507-1106 | CVE-2025-49667 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49667 |
| 42 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202507-1107 | CVE-2025-49668 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49668 |
| 43 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202507-1108 | CVE-2025-49669 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49669 |
| 44 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202507-936 | CVE-2025-49670 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49670 |
| 45 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202507-941 | CVE-2025-49672 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49672 |
| 46 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202507-1109 | CVE-2025-49673 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49673 |
| 47 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202507-948 | CVE-2025-49674 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49674 |
| 48 | Microsoft Windows 资源管理错误漏洞 | CNNVD-202507-1110 | CVE-2025-49675 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49675 |
| 49 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202507-953 | CVE-2025-49676 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49676 |
| 50 | Microsoft Brokering File System 资源管理错误漏洞 | CNNVD-202507-958 | CVE-2025-49677 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49677 |
| 51 | Microsoft Windows NTFS 代码问题漏洞 | CNNVD-202507-1111 | CVE-2025-49678 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49678 |
| 52 | Microsoft Windows Shell 安全漏洞 | CNNVD-202507-1112 | CVE-2025-49679 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49679 |
| 53 | Microsoft Windows 后置链接漏洞 | CNNVD-202507-1113 | CVE-2025-49680 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49680 |
| 54 | Microsoft Windows Media 资源管理错误漏洞 | CNNVD-202507-1114 | CVE-2025-49682 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49682 |
| 55 | Microsoft Manage Virtual Hard Disks 安全漏洞 | CNNVD-202507-1117 | CVE-2025-49683 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49683 |
| 56 | Microsoft Windows 资源管理错误漏洞 | CNNVD-202507-1118 | CVE-2025-49685 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49685 |
| 57 | Microsoft Windows tcp/ip 代码问题漏洞 | CNNVD-202507-961 | CVE-2025-49686 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49686 |
| 58 | Microsoft Input Method Editor 缓冲区错误漏洞 | CNNVD-202507-967 | CVE-2025-49687 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49687 |
| 59 | Microsoft Windows Routing and Remote Access Service 资源管理错误漏洞 | CNNVD-202507-968 | CVE-2025-49688 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49688 |
| 60 | Microsoft Virtual Hard Disk 安全漏洞 | CNNVD-202507-971 | CVE-2025-49689 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49689 |
| 61 | Microsoft Windows 资源管理错误漏洞 | CNNVD-202507-975 | CVE-2025-49690 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49690 |
| 62 | Microsoft Windows Media 安全漏洞 | CNNVD-202507-978 | CVE-2025-49691 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49691 |
| 63 | Microsoft Brokering File System 资源管理错误漏洞 | CNNVD-202507-1119 | CVE-2025-49693 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49693 |
| 64 | Microsoft Brokering File System 代码问题漏洞 | CNNVD-202507-980 | CVE-2025-49694 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49694 |
| 65 | Microsoft Office 资源管理错误漏洞 | CNNVD-202507-1120 | CVE-2025-49695 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49695 |
| 66 | Microsoft Office 安全漏洞 | CNNVD-202507-1122 | CVE-2025-49696 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49696 |
| 67 | Microsoft Office 安全漏洞 | CNNVD-202507-1121 | CVE-2025-49697 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49697 |
| 68 | Microsoft Word 资源管理错误漏洞 | CNNVD-202507-1124 | CVE-2025-49698 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49698 |
| 69 | Microsoft Office 资源管理错误漏洞 | CNNVD-202507-1125 | CVE-2025-49699 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49699 |
| 70 | Microsoft Word 资源管理错误漏洞 | CNNVD-202507-1123 | CVE-2025-49700 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49700 |
| 71 | Microsoft SharePoint 授权问题漏洞 | CNNVD-202507-1126 | CVE-2025-49701 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49701 |
| 72 | Microsoft Office 安全漏洞 | CNNVD-202507-1127 | CVE-2025-49702 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49702 |
| 73 | Microsoft Word 资源管理错误漏洞 | CNNVD-202507-1128 | CVE-2025-49703 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49703 |
| 74 | Microsoft SharePoint 代码注入漏洞 | CNNVD-202507-1130 | CVE-2025-49704 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49704 |
| 75 | Microsoft Office PowerPoint 安全漏洞 | CNNVD-202507-1129 | CVE-2025-49705 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49705 |
| 76 | Microsoft Excel 资源管理错误漏洞 | CNNVD-202507-1004 | CVE-2025-49711 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49711 |
| 77 | Microsoft Visual Studio Code 安全漏洞 | CNNVD-202507-1132 | CVE-2025-49714 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49714 |
| 78 | Microsoft SQL Server 安全漏洞 | CNNVD-202507-1016 | CVE-2025-49717 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49717 |
| 79 | Microsoft SQL Server 安全漏洞 | CNNVD-202507-1133 | CVE-2025-49718 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49718 |
| 80 | Microsoft SQL Server 输入验证错误漏洞 | CNNVD-202507-1051 | CVE-2025-49719 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49719 |
| 81 | Microsoft Windows Fast Fat Driver 安全漏洞 | CNNVD-202507-1053 | CVE-2025-49721 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49721 |
| 82 | Microsoft Windows 安全漏洞 | CNNVD-202507-1056 | CVE-2025-49723 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49723 |
| 83 | Microsoft Windows 资源管理错误漏洞 | CNNVD-202507-1135 | CVE-2025-49724 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49724 |
| 84 | Microsoft Windows 资源管理错误漏洞 | CNNVD-202507-1136 | CVE-2025-49725 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49725 |
| 85 | Microsoft Windows 资源管理错误漏洞 | CNNVD-202507-1057 | CVE-2025-49726 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49726 |
| 86 | Microsoft Win32k 安全漏洞 | CNNVD-202507-1137 | CVE-2025-49727 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49727 |
| 87 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202507-1138 | CVE-2025-49729 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49729 |
| 88 | Microsoft Windows 安全漏洞 | CNNVD-202507-1139 | CVE-2025-49730 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49730 |
| 89 | Microsoft Graphics Component 安全漏洞 | CNNVD-202507-1140 | CVE-2025-49732 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49732 |
| 90 | Microsoft Win32k 资源管理错误漏洞 | CNNVD-202507-1144 | CVE-2025-49733 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49733 |
| 91 | Microsoft Windows 资源管理错误漏洞 | CNNVD-202507-1062 | CVE-2025-49735 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49735 |
| 92 | Microsoft Teams 竞争条件问题漏洞 | CNNVD-202507-1141 | CVE-2025-49737 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49737 |
| 93 | Microsoft PC Manager 后置链接漏洞 | CNNVD-202507-1143 | CVE-2025-49738 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49738 |
| 94 | Microsoft Visual Studio 后置链接漏洞 | CNNVD-202507-1142 | CVE-2025-49739 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49739 |
| 95 | Microsoft SmartScreen 安全漏洞 | CNNVD-202507-1145 | CVE-2025-49740 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49740 |
| 96 | Microsoft Graphics Component 安全漏洞 | CNNVD-202507-1146 | CVE-2025-49742 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49742 |
| 97 | Microsoft Graphics Component 安全漏洞 | CNNVD-202507-1147 | CVE-2025-49744 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49744 |
| 98 | Microsoft Windows Routing and Remote Access Service 安全漏洞 | CNNVD-202507-1069 | CVE-2025-49753 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49753 |
| 99 | Microsoft Service Fabric 后置链接漏洞 | CNNVD-202507-887 | CVE-2025-21195 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21195 |
| 100 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202507-877 | CVE-2025-26636 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26636 |
| 101 | Microsoft Windows Kerberos 缓冲区错误漏洞 | CNNVD-202507-1066 | CVE-2025-47978 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47978 |
| 102 | Microsoft Windows 信息泄露漏洞 | CNNVD-202507-1064 | CVE-2025-47980 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47980 |
| 103 | Microsoft Hyper-V 安全漏洞 | CNNVD-202507-1075 | CVE-2025-47999 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47999 |
| 104 | Microsoft Windows BitLocker 安全漏洞 | CNNVD-202507-1076 | CVE-2025-48001 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48001 |
| 105 | Microsoft Hyper-V 输入验证错误漏洞 | CNNVD-202507-1077 | CVE-2025-48002 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48002 |
| 106 | Microsoft Windows BitLocker 安全漏洞 | CNNVD-202507-1078 | CVE-2025-48003 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48003 |
| 107 | Microsoft Windows BitLocker 安全漏洞 | CNNVD-202507-1081 | CVE-2025-48800 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48800 |
| 108 | Microsoft Windows SMB Server 信任管理问题漏洞 | CNNVD-202507-1079 | CVE-2025-48802 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48802 |
| 109 | Microsoft Windows Virtualization-Based Security Enclave 安全漏洞 | CNNVD-202507-1083 | CVE-2025-48803 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48803 |
| 110 | Microsoft Windows BitLocker 安全漏洞 | CNNVD-202507-1082 | CVE-2025-48804 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48804 |
| 111 | Microsoft Windows Kernel 信息泄露漏洞 | CNNVD-202507-1084 | CVE-2025-48808 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48808 |
| 112 | Microsoft Windows Kernel 安全漏洞 | CNNVD-202507-1088 | CVE-2025-48809 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48809 |
| 113 | Microsoft Windows Secure Kernel Mode 安全漏洞 | CNNVD-202507-1087 | CVE-2025-48810 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48810 |
| 114 | Microsoft Windows Virtualization-Based Security Enclave 安全漏洞 | CNNVD-202507-1089 | CVE-2025-48811 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48811 |
| 115 | Microsoft Excel 缓冲区错误漏洞 | CNNVD-202507-1000 | CVE-2025-48812 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48812 |
| 116 | Microsoft Windows BitLocker 安全漏洞 | CNNVD-202507-1095 | CVE-2025-48818 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48818 |
| 117 | Microsoft Windows Cryptographic Services 安全漏洞 | CNNVD-202507-1099 | CVE-2025-48823 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-48823 |
| 118 | Microsoft Windows 缓冲区错误漏洞 | CNNVD-202507-931 | CVE-2025-49658 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49658 |
| 119 | Microsoft Windows User-mode Driver Framework 信息泄露漏洞 | CNNVD-202507-1105 | CVE-2025-49664 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49664 |
| 120 | Microsoft Windows Routing and Remote Access Service 缓冲区错误漏洞 | CNNVD-202507-938 | CVE-2025-49671 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49671 |
| 121 | Microsoft Windows Routing and Remote Access Service 缓冲区错误漏洞 | CNNVD-202507-1115 | CVE-2025-49681 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49681 |
| 122 | Microsoft Windows Storage Port Driver 安全漏洞 | CNNVD-202507-1116 | CVE-2025-49684 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49684 |
| 123 | Microsoft Office Sharepoint Server 授权问题漏洞 | CNNVD-202507-1131 | CVE-2025-49706 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49706 |
| 124 | Microsoft Windows Netlogon 资源管理错误漏洞 | CNNVD-202507-1010 | CVE-2025-49716 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49716 |
| 125 | Microsoft Windows Print Spooler Components 资源管理错误漏洞 | CNNVD-202507-1134 | CVE-2025-49722 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49722 |
| 126 | Microsoft Teams 安全漏洞 | CNNVD-202507-1060 | CVE-2025-49731 | 低危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49731 |
| 127 | Microsoft Office 365 加密问题漏洞 | CNNVD-202507-1068 | CVE-2025-49756 | 低危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49756 |
| 128 | Microsoft Windows 安全漏洞 | CNNVD-202507-1071 | CVE-2025-49760 | 低危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49760 |
此次更新共包括7个更新漏洞的补丁程序,其中高危漏洞3个,中危漏洞4个。
| 序号 | 漏洞名称 | CNNVD编号 | CVE编号 | 危害等级 | 官方链接 |
| 1 | Microsoft SQL Server 安全漏洞 | CNNVD-202411-1466 | CVE-2024-49000 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-49000 |
| 2 | Microsoft Visual Studio和Microsoft .NET 代码问题漏洞 | CNNVD-202506-1403 | CVE-2025-30399 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-30399 |
| 3 | Microsoft Defender for Endpoint 访问控制错误漏洞 | CNNVD-202505-2405 | CVE-2025-47161 | 高危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47161 |
| 4 | Microsoft Defender 安全漏洞 | CNNVD-202203-717 | CVE-2022-23278 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23278 |
| 5 | Microsoft Defender 输入验证错误漏洞 | CNNVD-202207-1015 | CVE-2022-33637 | 中危 | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33637 |
| 6 | Microsoft Defender 安全漏洞 | CNNVD-202410-736 | CVE-2024-43614 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43614 |
| 7 | Microsoft Defender 安全漏洞 | CNNVD-202505-1777 | CVE-2025-26684 | 中危 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-26684 |
此次更新共包括10个影响微软产品的其他厂商漏洞的补丁程序,其中高危漏洞3个,中危漏洞7个。
| 序号 | 漏洞名称 | CNNVD编号 | CVE编号 | 危害等级 | 厂商 | 官方链接 |
| 1 | WiX Toolset 安全漏洞 | CNNVD-202403-2343 | CVE-2024-29187 | 高危 | WiX Toolset | https://github.com/wixtoolset/issues/security/advisories/GHSA-rf39-3f98-xr7r |
| 2 | Git 安全漏洞 | CNNVD-202507-1041 | CVE-2025-48384 | 高危 | Git | https://git-scm.com/ |
| 3 | Git 安全漏洞 | CNNVD-202507-1046 | CVE-2025-48385 | 高危 | Git | https://git-scm.com/ |
| 4 | Git 安全漏洞 | CNNVD-202507-1048 | CVE-2025-48386 | 中危 | Git | https://git-scm.com/ |
| 5 | Gitk 安全漏洞 | CNNVD-202507-1019 | CVE-2025-27613 | 中危 | Git | https://git-scm.com/ |
| 6 | Gitk 安全漏洞 | CNNVD-202507-1024 | CVE-2025-27614 | 中危 | Git | https://git-scm.com/ |
| 7 | AMD Store Queue 安全漏洞 | CNNVD-202507-997 | CVE-2025-36350 | 中危 | AMD | https://www.amd.com/ |
| 8 | AMD Store Queue 安全漏洞 | CNNVD-202507-992 | CVE-2025-36357 | 中危 | AMD | https://www.amd.com/ |
| 9 | Git 安全漏洞 | CNNVD-202507-1029 | CVE-2025-46334 | 中危 | Git | https://git-scm.com/ |
| 10 | Git 安全漏洞 | CNNVD-202507-1034 | CVE-2025-46835 | 中危 | Git | https://git-scm.com/ |
三、修复建议
目前,微软官方已经发布补丁修复了上述漏洞,建议用户及时确认漏洞影响,尽快采取修补措施。微软官方补丁下载地址:
https://msrc.microsoft.com/update-guide/en-us
CNNVD将继续跟踪上述漏洞的相关情况,及时发布相关信息。如有需要,可与CNNVD联系。联系方式: cnnvd@itsec.gov.cn
【漏洞通报】CNNVD关于微软多个安全漏洞的通报:等您坐沙发呢!