微软如期发布3月份的安全更新,累计修复23枚漏洞,这些漏洞包含IE/Win7/Win8在内的23枚漏洞,分别覆盖Windows全平台、IE浏览器、Silverlight组件。之前,IE9/IE10曝光的零日漏洞也在本次补丁日上被修复。
Windows Update
其中,一枚IE浏览器累积性功能更新修复18枚安全漏洞,包括近期曝光的IE9/IE10零日漏洞。
微软3月份安全更新具体内容:MS14-012:Cumulative Security Update for Internet Explorer (2925418),面向Internet Explorer所有版本的累积性功能更新,覆盖IE6至IE11浏览器
MS14-013: Vulnerability in Microsoft DirectShow Could
Allow Remote Code Execution (2929961)修复微软DirectShow中远程代码执行漏洞
MS14-014: Vulnerabilities in Windows Kernel-Mode Driver Could Allow
Elevation of Privilege (2930275)修复Windows核心驱动中允许特权提升的漏洞
MS14-015: Vulnerability in Security Account Manager Remote (SAMR)
Protocol Could Allow Security Feature Bypass (2934418)修复SAMR的安全漏洞
MS14-016: Vulnerability in Silverlight Could Allow Security Feature Bypass (2932677)修复Silverlight 组件允许越过安全特征的漏洞。