الموقع الرسمي للمركز الوطني الإرشادي للأمن السيبراني
تنبيه Microsoft
2804
تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
23 يناير, 2022
● عالي
2022-4263
الكل
أصدرت Microsoft عدة تحديثات لمعالجة عدد من الثغرات في المنتجات التالية:
- Microsoft Edge for Android
- Microsoft Edge (Chromium-based)
- Windows 10 Version 1809 for 32-bit Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1809 for ARM64-based Systems
- Windows Server 2019
- Windows 10 Version 1909 for 32-bit Systems
- Windows 10 Version 1909 for x64-based Systems
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for 32-bit Systems
- Windows Server 2022
- Windows 10 Version 20H2 for x64-based Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows 11 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 for 32-bit Systems
- Windows 10 for x64-based Systems
- Windows 10 Version 1607 for 32-bit Systems
- Windows 10 Version 1607 for x64-based Systems
- Windows Server 2016
- Windows 7 for 32-bit Systems Service Pack 1
- Windows 7 for x64-based Systems Service Pack 1
- Windows 8.1 for 32-bit systems
- Windows 8.1 for x64-based systems
- Windows RT 8.1
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2012
- Windows Server 2012 R2
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- تنفيذ برمجيات خبيثة
- تجاوز سعة مخزن الذاكرة المؤقت
- هجوم انتحال الشخصية (Spoofing attacks)
يوصي المركز بتحديث المنتجات المتأثرة، حيث أصدرت Microsoft توضيحًا لهذه التحديثات:
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0289
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0290
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0291
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0292
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0293
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0294
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0295
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0296
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0297
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0298
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0300
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0301
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0302
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0303
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0304
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0305
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0306
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0307
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0308
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0309
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0310
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-0311
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2013-3900
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23258
قيم المحتوى
شارك الصفحة
