一、背景介绍
4月22日,市委网信办技术支撑单位监测到微软发布安全更新,修复了一个远程代码执行漏洞(CVE-2021-27085)。
1.1漏洞描述
多个Windows平台的Internet Explorer存在远程代码执行漏洞,攻击者可利用该漏洞进行恶意攻击。目前该漏洞已有PoC。
1.2漏洞编号
CVE-2021-27085
1.3漏洞等级
高危
二、修复建议
2.1 受影响版本
以下平台的所有 IE11均受影响
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
2.2 修复建议
官方建议:及时更新补丁
参考链接:https://msrc.microsoft.com/update-guide/vuln
请各单位高度关注,谢谢!