Microsoft .NET Framework 的安全更新(2022 年 12 月)

high Nessus 插件 ID 168745

简介

远程主机上安装的 Microsoft .NET Framework 缺少安全更新。

描述

远程主机上安装的 Microsoft .NET Framework 缺少安全更新。由于未正确处理 XPS 文件,因而会受到远程代码执行漏洞的影响。

解决方案

Microsoft 已发布用于 Microsoft .NET Framework 的安全更新。

另见

http://www.nessus.org/u?0d29de7c

http://www.nessus.org/u?e40dadbd

https://support.microsoft.com/en-us/help/5020859

https://support.microsoft.com/en-us/help/5020860

https://support.microsoft.com/en-us/help/5020861

https://support.microsoft.com/en-us/help/5020862

https://support.microsoft.com/en-us/help/5020866

https://support.microsoft.com/en-us/help/5020867

https://support.microsoft.com/en-us/help/5020868

https://support.microsoft.com/en-us/help/5020869

https://support.microsoft.com/en-us/help/5020872

https://support.microsoft.com/en-us/help/5020873

https://support.microsoft.com/en-us/help/5020874

https://support.microsoft.com/en-us/help/5020875

https://support.microsoft.com/en-us/help/5020876

https://support.microsoft.com/en-us/help/5020877

https://support.microsoft.com/en-us/help/5020878

https://support.microsoft.com/en-us/help/5020879

https://support.microsoft.com/en-us/help/5020880

https://support.microsoft.com/en-us/help/5020881

https://support.microsoft.com/en-us/help/5020882

https://support.microsoft.com/en-us/help/5020883

https://support.microsoft.com/en-us/help/5020894

https://support.microsoft.com/en-us/help/5020895

https://support.microsoft.com/en-us/help/5020896

https://support.microsoft.com/en-us/help/5020897

https://support.microsoft.com/en-us/help/5020898

https://support.microsoft.com/en-us/help/5020899

https://support.microsoft.com/en-us/help/5020900

https://support.microsoft.com/en-us/help/5020901

https://support.microsoft.com/en-us/help/5020902

https://support.microsoft.com/en-us/help/5020903

插件详情

严重性: High

ID: 168745

文件名: smb_nt_ms22_dec_dotnet.nasl

版本: 1.10

类型: local

代理: windows

发布时间: 2022/12/15

最近更新时间: 2023/11/20

支持的传感器: Nessus

风险信息

VPR

风险因素: Medium

分数: 6.7

CVSS v2

风险因素: High

基本分数: 7.2

时间分数: 5.3

矢量: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS 分数来源: CVE-2022-41089

CVSS v3

风险因素: High

基本分数: 7.8

时间分数: 6.8

矢量: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

时间矢量: CVSS:3.0/E:U/RL:O/RC:C

漏洞信息

CPE: cpe:/a:microsoft:.net_framework

必需的 KB 项: SMB/MS_Bulletin_Checks/Possible

易利用性: No known exploits are available

补丁发布日期: 2022/12/13

漏洞发布日期: 2022/12/13

参考资料信息

CVE: CVE-2022-41089

IAVA: 2022-A-0534-S

MSFT: MS22-5020859, MS22-5020860, MS22-5020861, MS22-5020862, MS22-5020866, MS22-5020867, MS22-5020868, MS22-5020869, MS22-5020872, MS22-5020873, MS22-5020874, MS22-5020875, MS22-5020876, MS22-5020877, MS22-5020878, MS22-5020879, MS22-5020880, MS22-5020881, MS22-5020882, MS22-5020883, MS22-5020894, MS22-5020895, MS22-5020896, MS22-5020897, MS22-5020898, MS22-5020899, MS22-5020900, MS22-5020901, MS22-5020902, MS22-5020903

MSKB: 5020859, 5020860, 5020861, 5020862, 5020866, 5020867, 5020868, 5020869, 5020872, 5020873, 5020874, 5020875, 5020876, 5020877, 5020878, 5020879, 5020880, 5020881, 5020882, 5020883, 5020894, 5020895, 5020896, 5020897, 5020898, 5020899, 5020900, 5020901, 5020902, 5020903