[Vulnerability Bulletin] Multiple Microsoft Security Vulnerabilities in September

Published: 2025-09-10

I. Vulnerability Overview


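On September 10, 2025, OG东方厅集团 VSRC observed that Microsoft had released its September security updates. This release fixes 81 vulnerabilities, covering elevation of privilege, remote code execution, information disclosure and other vulnerability types. The severity breakdown is as follows: 8 Critical vulnerabilities, 72 Important vulnerabilities and 1 Moderate vulnerability (severity ratings are based on Microsoft's official data).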


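Of these, 8 vulnerabilities are marked by Microsoft as "Exploitation More Likely" or "Exploitation Detected", which indicates that they carry a higher risk of exploitation. Fixing them first is recommended to reduce potential security threats.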


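| CVE-ID | CVE Title | Severity |
| --- | --- | --- |
| CVE-2025-53803 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| CVE-2025-53804 | Windows Kernel-Mode Driver Information Disclosure Vulnerability | Important |
| CVE-2025-54093 | Windows TCP/IP Driver Elevation of Privilege Vulnerability | Important |
| CVE-2025-54098 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
| CVE-2025-54110 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| CVE-2025-54916 | Windows NTFS Remote Code Execution Vulnerability | Important |
| CVE-2025-54918 | Windows NTLM Elevation of Privilege Vulnerability | Critical |
| CVE-2025-55234 | Windows SMB Elevation of Privilege Vulnerability | Important |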


The complete list of vulnerabilities fixed in Microsoft's September update is as follows:


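| CVE-ID | CVE Title | Severity |
| --- | --- | --- |
| CVE-2025-47997 | Microsoft SQL Server Information Disclosure Vulnerability | Important |
| CVE-2025-49692 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important |
| CVE-2025-49734 | PowerShell Direct Elevation of Privilege Vulnerability | Important |
| CVE-2025-53791 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Moderate |
| CVE-2025-53796 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| CVE-2025-53797 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| CVE-2025-53798 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| CVE-2025-53799 | Windows Imaging Component Information Disclosure Vulnerability | Critical |
| CVE-2025-53800 | Windows Graphics Component Elevation of Privilege Vulnerability | Critical |
| CVE-2025-53801 | Microsoft DWM Core Library Elevation of Privilege Vulnerability | Important |
| CVE-2025-53802 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Important |
| CVE-2025-53803 | Windows Kernel Memory Information Disclosure Vulnerability | Important |
| CVE-2025-53804 | Windows Kernel-Mode Driver Information Disclosure Vulnerability | Important |
| CVE-2025-53805 | HTTP.sys Denial of Service Vulnerability | Important |
| CVE-2025-53806 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| CVE-2025-53807 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| CVE-2025-53808 | Windows Defender Firewall Service Elevation of Privilege Vulnerability | Important |
| CVE-2025-53809 | Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | Important |
| CVE-2025-53810 | Windows Defender Firewall Service Elevation of Privilege Vulnerability | Important |
| CVE-2025-54091 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
| CVE-2025-54092 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
| CVE-2025-54093 | Windows TCP/IP Driver Elevation of Privilege Vulnerability | Important |
| CVE-2025-54094 | Windows Defender Firewall Service Elevation of Privilege Vulnerability | Important |
| CVE-2025-54095 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| CVE-2025-54096 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| CVE-2025-54097 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| CVE-2025-54098 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
| CVE-2025-54099 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Important |
| CVE-2025-54101 | Windows SMB Client Remote Code Execution Vulnerability | Important |
| CVE-2025-54102 | Windows Connected Devices Platform Service Elevation of Privilege Vulnerability | Important |
| CVE-2025-54103 | Windows Management Service Elevation of Privilege Vulnerability | Important |
| CVE-2025-54104 | Windows Defender Firewall Service Elevation of Privilege Vulnerability | Important |
| CVE-2025-54105 | Microsoft Brokering File System Elevation of Privilege Vulnerability | Important |
| CVE-2025-54106 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| CVE-2025-54107 | MapUrlToZone Security Feature Bypass Vulnerability | Important |
| CVE-2025-54108 | Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability | Important |
| CVE-2025-54109 | Windows Defender Firewall Service Elevation of Privilege Vulnerability | Important |
| CVE-2025-54110 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| CVE-2025-54111 | Windows UI XAML Phone DatePickerFlyout Elevation of Privilege Vulnerability | Important |
| CVE-2025-54112 | Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability | Important |
| CVE-2025-54113 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | Important |
| CVE-2025-54114 | Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability | Important |
| CVE-2025-54115 | Windows Hyper-V Elevation of Privilege Vulnerability | Important |
| CVE-2025-54116 | Windows MultiPoint Services Elevation of Privilege Vulnerability | Important |
| CVE-2025-54894 | Local Security Authority Subsystem Service Elevation of Privilege Vulnerability | Important |
| CVE-2025-54895 | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Elevation of Privilege Vulnerability | Important |
| CVE-2025-54896 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| CVE-2025-54897 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
| CVE-2025-54898 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| CVE-2025-54899 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| CVE-2025-54900 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| CVE-2025-54901 | Microsoft Excel Information Disclosure Vulnerability | Important |
| CVE-2025-54902 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| CVE-2025-54903 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| CVE-2025-54904 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| CVE-2025-54905 | Microsoft Word Information Disclosure Vulnerability | Important |
| CVE-2025-54906 | Microsoft Office Remote Code Execution Vulnerability | Important |
| CVE-2025-54907 | Microsoft Office Visio Remote Code Execution Vulnerability | Important |
| CVE-2025-54908 | Microsoft PowerPoint Remote Code Execution Vulnerability | Important |
| CVE-2025-54910 | Microsoft Office Remote Code Execution Vulnerability | Critical |
| CVE-2025-54911 | Windows BitLocker Elevation of Privilege Vulnerability | Important |
| CVE-2025-54912 | Windows BitLocker Elevation of Privilege Vulnerability | Important |
| CVE-2025-54913 | Windows UI XAML Maps MapControlSettings Elevation of Privilege Vulnerability | Important |
| CVE-2025-54915 | Windows Defender Firewall Service Elevation of Privilege Vulnerability | Important |
| CVE-2025-54916 | Windows NTFS Remote Code Execution Vulnerability | Important |
| CVE-2025-54917 | MapUrlToZone Security Feature Bypass Vulnerability | Important |
| CVE-2025-54918 | Windows NTLM Elevation of Privilege Vulnerability | Critical |
| CVE-2025-54919 | Windows Graphics Component Remote Code Execution Vulnerability | Important |
| CVE-2025-55223 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | Important |
| CVE-2025-55224 | Windows Hyper-V Remote Code Execution Vulnerability | Critical |
| CVE-2025-55225 | Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability | Important |
| CVE-2025-55226 | Graphics Kernel Remote Code Execution Vulnerability | Critical |
| CVE-2025-55227 | Microsoft SQL Server Elevation of Privilege Vulnerability | Important |
| CVE-2025-55228 | Windows Graphics Component Remote Code Execution Vulnerability | Critical |
| CVE-2025-55232 | Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability | Important |
| CVE-2025-55234 | Windows SMB Elevation of Privilege Vulnerability | Important |
| CVE-2025-55236 | Graphics Kernel Remote Code Execution Vulnerability | Critical |
| CVE-2025-55243 | Microsoft OfficePlus Spoofing Vulnerability | Important |
| CVE-2025-55245 | Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability | Important |
| CVE-2025-55316 | Azure Connected Machine Agent Elevation of Privilege Vulnerability | Important |
| CVE-2025-55317 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability | Important |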


II. Scope of Impact


Affected products, features, services and components include:

SQL Server

Azure Windows Virtual Machine Agent

Windows PowerShell

Microsoft Edge (Chromium-based)

Windows Routing and Remote Access Service (RRAS)

Windows Routing and Remote Access Service (RRAS)

Windows Routing and Remote Access Service (RRAS)

Windows Imaging Component

Microsoft Graphics Component

Windows DWM

Windows Bluetooth Service

Windows Kernel

Windows Kernel

Windows Internet Information Services

Windows Routing and Remote Access Service (RRAS)

Microsoft Graphics Component

Windows Defender Firewall Service

Windows Local Security Authority Subsystem Service (LSASS)

Windows Defender Firewall Service

Role: Windows Hyper-V

Role: Windows Hyper-V

Windows TCP/IP

Windows Defender Firewall Service

Windows Routing and Remote Access Service (RRAS)

Windows Routing and Remote Access Service (RRAS)

Windows Routing and Remote Access Service (RRAS)

Role: Windows Hyper-V

Windows Ancillary Function Driver for WinSock

Windows SMBv3 Client

Windows Connected Devices Platform Service

Windows Management Services

Windows Defender Firewall Service

Microsoft Brokering File System

Windows Routing and Remote Access Service (RRAS)

Windows MapUrlToZone

Capability Access Management Service (camsvc)

Windows Defender Firewall Service

Windows Kernel

Windows UI XAML Phone DatePickerFlyout

Microsoft Virtual Hard Drive

Windows Routing and Remote Access Service (RRAS)

Windows Connected Devices Platform Service

Role: Windows Hyper-V

Windows MultiPoint Services

Windows Local Security Authority Subsystem Service (LSASS)

Windows SPNEGO Extended Negotiation

Microsoft Office Excel

Microsoft Office SharePoint

Microsoft Office Excel

Microsoft Office Excel

Microsoft Office Excel

Microsoft Office Excel

Microsoft Office Excel

Microsoft Office Excel

Microsoft Office Excel

Microsoft Office Word

Microsoft Office

Microsoft Office Visio

Microsoft Office PowerPoint

Microsoft Office

Windows BitLocker

Windows BitLocker

Windows UI XAML Maps MapControlSettings

Windows Defender Firewall Service

Windows NTFS

Windows MapUrlToZone

Windows NTLM

Windows Win32K - GRFX

Graphics Kernel

Windows Win32K - GRFX

Windows Routing and Remote Access Service (RRAS)

Graphics Kernel

SQL Server

Windows Win32K - GRFX

Microsoft High Performance Compute Pack (HPC)

Windows SMB

Graphics Kernel

Microsoft Office

Xbox

Azure Arc

Microsoft AutoUpdate (MAU)


III. Security Measures


3.1 Upgrade Versions


Microsoft has released the relevant security updates. Affected users are advised to apply them as soon as possible.


(1) Automatic update via Windows Update


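Microsoft Update is enabled by default. When the system detects available updates, it downloads them automatically and installs them at the next startup. You can also update manually with the following steps:

1. Click the Start menu or press the Windows key, then open "Settings".

2. Select "Update & Security" and open "Windows Update" (on Windows 8, Windows 8.1, Windows Server 2012 and Windows Server 2012 R2, Windows Update can be reached through Control Panel: "Control Panel" -> "System and Security" -> "Windows Update").

3. Select "Check for updates" and wait for the system to check for and download available updates automatically.

4. Restart the computer after the update completes. To confirm that the updates installed successfully, go to "Windows Update" -> "View update history". For any update that failed to install, click its name to open Microsoft's official update description page, click the name of the latest SSU, then click "Microsoft Update Catalog" on the page that opens, and on the next page select the patch that applies to the target system, download it and install it.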


(2) Manual update installation


Download the corresponding patches from Microsoft and install them.

September 2025 security update download link:

https://msrc.microsoft.com/update-guide/releaseNote/2025-Sep

Patch download example (for reference):

1. Open the download link above and click the link of the CVE to be fixed in the vulnerability list.


[Figure] Example 1: Microsoft vulnerability list (example)


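2. At the bottom of the Microsoft advisory page, select the matching system type in the [Product] column on the left, then click the [Download] column on the right to open the patch download link.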


[Figure] Example 2: CVE-2022-21989 patch download example


3. Click [Security Update] to open the patch download page, then download the corresponding patch and install it.


[Figure] Example 3: Patch download page


4. Restart the computer after installation completes.


3.2 Temporary Measures


None at this time.


3.3 General Recommendations


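Update system patches regularly to reduce system vulnerabilities and improve server security.

Strengthen access control for systems and networks, adjust firewall policies, close unnecessary application ports or services, and avoid exposing risky services (such as SSH and RDP) to the public internet, to reduce the attack surface.

Use enterprise-grade security products to improve the organization's network security capabilities.

Strengthen system user and permission management, enable multi-factor authentication and apply the principle of least privilege; user and software permissions should be kept to the minimum.

Enable a strong password policy and require periodic password changes.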


3.4 Reference Links


https://msrc.microsoft.com/update-guide/releaseNote/2025-Sep