¡¾·ì϶¹«¸æ¡¿Î¢Èí5Ô¶à¸ö°²È«·ì϶

°ä²¼¹¦·ò 2025-05-14

Ò»¡¢·ì϶¸ÅÊö


2025Äê5ÔÂ14ÈÕ£¬GA»Æ½ð¼×¼¯ÍÅVSRC¼à²âµ½Î¢Èí°ä²¼ÁË5Ô°²È«¸üУ¬±¾´Î¸üн¨¸´ÁË78¸ö·ì϶£¬º­¸ÇȨÏÞÌáÉý¡¢Ô¶³Ì´úÂëÖ´ÐÓ×¢°²È«Ö°ÄÜÈƹýµÈ¶àÖÖ·ì϶ÀàÐÍ¡£·ì϶¼¶±ðÉ¢²¼ÈçÏ£º11¸öÑϳÁ¼¶±ð·ì϶£¬66¸ö³ÁÒª¼¶±ð·ì϶£¬1¸öµÍΣ¼¶±ð·ì϶£¨·ì϶¼¶±ðƾ¾Ý΢Èí¹Ù·½Êý¾Ý£©¡£


ÆäÖУ¬13¸ö·ì϶±»Î¢ÈíÏóÕ÷Ϊ¡°¸ü¿ÉÄܱ»ÀûÓá±¼°¡°¼ì²âÀûÓÃÇé¾°¡±£¬Åú×¢ÕâЩ·ì϶´æÔڽϸߵÄÀûÓ÷çÏÕ£¬½¨ÒéÓÅÏȽ¨¸´ÒÔ½µµÍDZÔÚ°²È«Íþв¡£


CVE-ID

CVE ±êÌâ

·ì϶¼¶±ð

CVE-2025-30397

¾ç±¾ÒýÇæÄÚ´æ°Ü»µ·ì϶

³ÁÒª

CVE-2025-30400

Microsoft DWM Ö÷Ìâ¿âȨÏÞÌáÉý·ì϶

³ÁÒª

CVE-2025-32701

Windows ͨÓÃÈÕÖ¾ÎļþϵͳÇý¶¯·¨Ê½ÌáÉýȨÏÞ·ì϶

³ÁÒª

CVE-2025-32706

Windows ͨÓÃÈÕÖ¾ÎļþϵͳÇý¶¯·¨Ê½ÌáÉýȨÏÞ·ì϶

³ÁÒª

CVE-2025-32709

WinSock µÄ Windows ¸¨ÖúÖ°ÄÜÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-30388

Windows ͼÐÎ×é¼þÔ¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-24063

ÄÚºËÁ÷ʽ´¦Ö÷þÎñÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-29841

ͨÓôòÓ¡ÖÎÀí·þÎñÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-29971

Web Íþв·ÀÓù (WTD.sys) »Ø¾ø·þÎñ·ì϶

³ÁÒª

CVE-2025-29976

Microsoft SharePoint Server ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-30382

Microsoft SharePoint Server Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-30385

Windows ͨÓÃÈÕÖ¾ÎļþϵͳÇý¶¯·¨Ê½ÌáÉýȨÏÞ·ì϶

³ÁÒª

CVE-2025-30386

Microsoft Office Ô¶³ÌÖ´ÐдúÂë·ì϶

ÑϳÁ


΢Èí5Ô¸üн¨¸´µÄÆëÈ«·ì϶ÁбíÈçÏ£º


CVE-ID

CVE ±êÌâ

·ì϶¼¶±ð

CVE-2025-21264

Visual Studio Code °²È«Ö°ÄÜÈƹý·ì϶

³ÁÒª

CVE-2025-24063

ÄÚºËÁ÷ʽ´¦Ö÷þÎñÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-26646

.NET¡¢Visual Studio ºÍ Visual Studio ¹¹½¨¹¤¾ßºýŪ·ì϶

³ÁÒª

CVE-2025-26677

Windows Ô¶³Ì×ÀÃæºÍ̸£¨RD Íø¹Ø£©»Ø¾ø·þÎñ·ì϶

³ÁÒª

CVE-2025-26684

Microsoft Defender ȨÏÞÌáÉý·ì϶

³ÁÒª

CVE-2025-26685

Microsoft Defender for Identity ºýŪ·ì϶

³ÁÒª

CVE-2025-27468

Windows ÄÚºËģʽÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-27488

Microsoft Windows Hardware Lab Kit (HLK) ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-29813

Azure DevOps Server ÌØȨÌáÉý·ì϶

ÑϳÁ

CVE-2025-29825

»ùÓÚChromium µÄ Microsoft Edge ºýŪ·ì϶

µÍ

CVE-2025-29826

Microsoft Dataverse ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-29827

Azure ×Ô¶¯»¯ÌØȨÌáÉý·ì϶

ÑϳÁ

CVE-2025-29829

Windows ÊÜÐÅÀµÔËÐÐʱ½Ó¿ÚÇý¶¯·¨Ê½ÐÅϢй¶·ì϶

³ÁÒª

CVE-2025-29830

Windows ·ÓɺÍÔ¶³Ì½Ó¼û·þÎñ (RRAS) ÐÅÏ¢Åû¶·ì϶

³ÁÒª

CVE-2025-29831

Windows Ô¶³Ì×ÀÃæ·þÎñÔ¶³Ì´úÂëÖ´Ðзì϶

³ÁÒª

CVE-2025-29832

Windows ·ÓɺÍÔ¶³Ì½Ó¼û·þÎñ (RRAS) ÐÅÏ¢Åû¶·ì϶

³ÁÒª

CVE-2025-29833

Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability

ÑϳÁ

CVE-2025-29835

Windows Ô¶³Ì½Ó¼ûÁ¬ÊÕÊÜÀíÆ÷ÐÅϢй¶·ì϶

³ÁÒª

CVE-2025-29836

Windows ·ÓɺÍÔ¶³Ì½Ó¼û·þÎñ (RRAS) ÐÅÏ¢Åû¶·ì϶

³ÁÒª

CVE-2025-29837

Windows Installer ÐÅϢй¶·ì϶

³ÁÒª

CVE-2025-29838

Windows ExecutionContext Çý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-29839

Windows ¶à UNC Ìṩ·¨Ê½Çý¶¯·¨Ê½ÐÅϢй¶·ì϶

³ÁÒª

CVE-2025-29840

Windows Media Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-29841

ͨÓôòÓ¡ÖÎÀí·þÎñÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-29842

UrlMon °²È«Ö°ÄÜÈƹý·ì϶

³ÁÒª

CVE-2025-29954

Windows ÇáÁ¿¼¶Ä¿Â¼½Ó¼ûºÍ̸ (LDAP) »Ø¾ø·þÎñ·ì϶

³ÁÒª

CVE-2025-29955

Windows Hyper-V »Ø¾ø·þÎñ·ì϶

³ÁÒª

CVE-2025-29956

Windows SMB ÐÅϢй¶·ì϶

³ÁÒª

CVE-2025-29957

Windows ²¿Êð·þÎñ»Ø¾ø·þÎñ·ì϶

³ÁÒª

CVE-2025-29958

Windows ·ÓɺÍÔ¶³Ì½Ó¼û·þÎñ (RRAS) ÐÅÏ¢Åû¶·ì϶

³ÁÒª

CVE-2025-29959

Windows ·ÓɺÍÔ¶³Ì½Ó¼û·þÎñ (RRAS) ÐÅÏ¢Åû¶·ì϶

³ÁÒª

CVE-2025-29960

Windows ·ÓɺÍÔ¶³Ì½Ó¼û·þÎñ (RRAS) ÐÅÏ¢Åû¶·ì϶

³ÁÒª

CVE-2025-29961

Windows ·ÓɺÍÔ¶³Ì½Ó¼û·þÎñ (RRAS) ÐÅÏ¢Åû¶·ì϶

³ÁÒª

CVE-2025-29962

Windows Media Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-29963

Windows Media Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-29964

Windows Media Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-29966

Ô¶³Ì×ÀÃæ¿Í»§¶ËÔ¶³ÌÖ´ÐдúÂë·ì϶

ÑϳÁ

CVE-2025-29967

Ô¶³Ì×ÀÃæ¿Í»§¶ËÔ¶³ÌÖ´ÐдúÂë·ì϶

ÑϳÁ

CVE-2025-29968

Active Directory Ö¤Êé·þÎñ (AD CS) »Ø¾ø·þÎñ·ì϶

³ÁÒª

CVE-2025-29969

MS-EVEN RPC Ô¶³Ì´úÂëÖ´Ðзì϶

³ÁÒª

CVE-2025-29970

Microsoft ´úÀíÎļþϵͳÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-29971

Web Íþв·ÀÓù (WTD.sys) »Ø¾ø·þÎñ·ì϶

³ÁÒª

CVE-2025-29972

Azure ´æ´¢×ÊÔ´Ìṩ·¨Ê½ºýŪ·ì϶

ÑϳÁ

CVE-2025-29973

Microsoft Azure Îļþͬ²½ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-29974

Windows ÄÚºËÐÅϢй¶·ì϶

³ÁÒª

CVE-2025-29975

Microsoft PC Manager ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-29976

Microsoft SharePoint Server ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-29977

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-29978

Microsoft PowerPoint Ô¶³Ì´úÂëÖ´Ðзì϶

³ÁÒª

CVE-2025-29979

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-30375

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-30376

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-30377

Microsoft Office Ô¶³ÌÖ´ÐдúÂë·ì϶

ÑϳÁ

CVE-2025-30378

Microsoft SharePoint Server Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-30379

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-30381

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-30382

Microsoft SharePoint Server Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-30383

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-30384

Microsoft SharePoint Server Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-30385

Windows ͨÓÃÈÕÖ¾ÎļþϵͳÇý¶¯·¨Ê½ÌáÉýȨÏÞ·ì϶

³ÁÒª

CVE-2025-30386

Microsoft Office Ô¶³ÌÖ´ÐдúÂë·ì϶

ÑϳÁ

CVE-2025-30387

Document Intelligence Studio On-Prem ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-30388

Windows ͼÐÎ×é¼þÔ¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-30393

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-30394

Windows Ô¶³Ì×ÀÃæºÍ̸£¨RD Íø¹Ø£©»Ø¾ø·þÎñ·ì϶

³ÁÒª

CVE-2025-30397

¾ç±¾ÒýÇæÄÚ´æ°Ü»µ·ì϶

³ÁÒª

CVE-2025-30400

Microsoft DWM Ö÷Ìâ¿âȨÏÞÌáÉý·ì϶

³ÁÒª

CVE-2025-32701

Windows ͨÓÃÈÕÖ¾ÎļþϵͳÇý¶¯·¨Ê½ÌáÉýȨÏÞ·ì϶

³ÁÒª

CVE-2025-32702

Visual Studio Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-32703

Visual Studio ÐÅϢй¶·ì϶

³ÁÒª

CVE-2025-32704

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2025-32705

Microsoft Outlook Ô¶³Ì´úÂëÖ´Ðзì϶

³ÁÒª

CVE-2025-32706

Windows ͨÓÃÈÕÖ¾ÎļþϵͳÇý¶¯·¨Ê½ÌáÉýȨÏÞ·ì϶

³ÁÒª

CVE-2025-32707

NTFS ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-32709

WinSock µÄ Windows ¸¨ÖúÖ°ÄÜÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2025-33072

Microsoft msagsfeedback.azurewebsites.net ÐÅϢй¶·ì϶

ÑϳÁ

CVE-2025-47732

Microsoft Dataverse Ô¶³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

CVE-2025-47733

Microsoft Power Apps ÐÅϢй¶·ì϶

ÑϳÁ


¶þ¡¢Ó°ÏìÁìÓò


ÊÜÓ°ÏìµÄ²úÆ·/Ö°ÄÜ/·þÎñ/×é¼þÔ̺¬£º


Visual Studio Code

Windows Kernel

.NET, Visual Studio, and Build Tools for Visual Studio

Remote Desktop Gateway Service

Microsoft Defender for Endpoint

Microsoft Defender for Identity

Windows Secure Kernel Mode

Windows Hardware Lab Kit

Azure DevOps

Microsoft Edge (Chromium-based)

Microsoft Dataverse

Azure Automation

Windows Trusted Runtime Interface Driver

Windows Routing and Remote Access Service (RRAS)

Windows Virtual Machine Bus

Windows Installer

Windows Drivers

Windows File Server

Windows Media

Universal Print Management Service

UrlMon

Windows LDAP - Lightweight Directory Access Protocol

Role: Windows Hyper-V

Windows SMB

Windows Deployment Services

Windows Remote Desktop

Active Directory Certificate Services (AD CS)

Windows Fundamentals

Microsoft Brokering File System

Web Threat Defense (WTD.sys)

Azure Storage Resource Provider

Azure File Sync

Microsoft PC Manager

Microsoft Office SharePoint

Microsoft Office Excel

Microsoft Office PowerPoint

Microsoft Office

Windows Common Log File System Driver

Azure

Windows Win32K - GRFX

Microsoft Scripting Engine

Windows DWM

Visual Studio

Microsoft Office Outlook

Windows NTFS

Windows Ancillary Function Driver for WinSock

Microsoft Power Apps


Èý¡¢°²È«´ëÊ©


3.1 Éý¼¶°æ±¾


Ŀǰ΢ÈíÒÑ°ä²¼Óйذ²È«¸üУ¬½¨ÒéÊÜÓ°ÏìµÄÓû§¾¡¿ì½¨¸´¡£


£¨Ò»£©Windows Update×Ô¶¯¸üÐÂ


Microsoft UpdateĬÈÏÆôÓ㬵±ÏµÍ³¼ì²âµ½¿ÉÓøüÐÂʱ£¬½«»á×Ô¶¯ÏÂÔظüв¢±ÉÈËÒ»´ÎÆô¶¯Ê±×°Öá£Ò²¿ÉÑ¡Ôñͨ¹ýÒÔϲ½ÖèÊÖ¶¯½øÐиüУº


1¡¢µã»÷¡°ÆðÍ·²Ëµ¥¡±»ò°´Windows¿ì½Ý¼ü£¬µã»÷½øÈë¡°ÉèÖá±

2¡¢Ñ¡Ôñ¡°¸üкͰ²È«¡±£¬½øÈë¡°Windows¸üС±£¨Windows 8¡¢Windows 8.1¡¢Windows Server 2012ÒÔ¼°Windows Server 2012 R2¿Éͨ¹ý½ÚÔìÃæ°å½øÈë¡°Windows¸üС±£¬¾ßÌå²½ÖèΪ¡°½ÚÔìÃæ°å¡±->¡°ÏµÍ³ºÍ°²È«¡±->¡°Windows¸üС±£©

3¡¢Ñ¡Ôñ¡°²é³­¸üС±£¬ÆÚ´ýϵͳ×Ô¶¯²é³­²¢ÏÂÔØ¿ÉÓøüС£

4¡¢¸üÐÂʵÏÖºó³ÁÆôÍÆËã»ú£¬¿Éͨ¹ý½øÈë¡°Windows¸üС±->¡°²é¿´¸üк¹Çà¼Í¼¡±²é¿´ÊÇ·ñ³É¹¦×°ÖÃÁ˸üС£¶ÔÓÚûÓгɹ¦×°ÖõĸüУ¬Äܹ»µã»÷¸Ã¸üÐÂÃû³Æ½øÈë΢Èí¹Ù·½¸üÐÂÃèÊöÁ´½Ó£¬µã»÷×îеÄSSUÃû³Æ²¢ÔÚÐÂÁ´½ÓÖеã»÷¡°Microsoft ¸üÐÂĿ¼¡±£¬¶øºóÔÚÐÂÁ´½Óµ±Ñ¡ÔñºÏÓÃÓÚÖ¸±êϵͳµÄ²¹¶¡½øÐÐÏÂÔز¢×°Öá£


£¨¶þ£©ÊÖ¶¯×°ÖøüÐÂ


Microsoft¹Ù·½ÏÂÔØÏàÓ¦²¹¶¡½øÐиüС£


2025Äê5Ô°²È«¸üÐÂÏÂÔØÁ´½Ó£º

https://msrc.microsoft.com/update-guide/releaseNote/2025-May


²¹¶¡ÏÂÔØʾÀý£¨²Î¿¼£©£º


1.´ò¿ªÉÏÊöÏÂÔØÁ´½Ó£¬µã»÷·ì϶ÁбíÖÐÒª½¨¸´µÄCVEÁ´½Ó¡£


ͼƬ1.png

Àý1£ºÎ¢Èí·ì϶ÁÐ±í£¨Ê¾Àý£©


2.ÔÚ΢Èí²¼¸æÒ³Ãæµ×²¿×ó²à¡¾²úÆ·¡¿ÁÐÑ¡ÔñÏàÓ¦µÄϵͳÀàÐÍ£¬µã»÷ÓҲࡾÏÂÔØ¡¿Áдò¿ª²¹¶¡ÏÂÔØÁ´½Ó¡£


ͼƬ2.png

Àý2£ºCVE-2022-21989²¹¶¡ÏÂÔØʾÀý


3.µã»÷¡¾°²È«¸üС¿£¬´ò¿ª²¹¶¡ÏÂÔØÒ³Ã棬ÏÂÔØÏàÓ¦²¹¶¡²¢½øÐÐ×°Öá£


ͼƬ3.png

Àý3£º²¹¶¡ÏÂÔؽçÃæ


4.×°ÖÃʵÏÖºó³ÁÆôÍÆËã»ú¡£


3.2 Ò»Ê±´ëÊ©


ÔÝÎÞ¡£


3.3 ͨÓý¨Òé


? ¶¨ÆÚ¸üÐÂϵͳ²¹¶¡£¬Ï÷¼õϵͳ·ì϶£¬ÌáÉý·þÎñÆ÷µÄ°²È«ÐÔ¡£

¼ÓǿϵͳºÍÍøÂçµÄ½Ó¼û½ÚÔ죬Åú¸Ä·À»ðǽսÊõ£¬¹Ø¹Ø·Ç±ØÒªµÄÀûÓö˿ڻò·þÎñ£¬Ï÷¼õ½«Î£ÏÕ·þÎñ£¨ÈçSSH¡¢RDPµÈ£©Â¶³öµ½¹«Íø£¬Ï÷¼õ¹¥»÷Ãæ¡£

ʹÓÃÆóÒµ¼¶°²È«²úÆ·£¬ÌáÉýÆóÒµµÄÍøÂ簲ȫ»úÄÜ¡£

¼ÓǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬ÆôÓöà³É·ÖÈÏÖ¤»úÔìºÍ×îÓ×ȨÏÞ×¼Ôò£¬Óû§ºÍÈí¼þȨÏÞӦά³ÖÔÚ×îµÍÏ޶ȡ£

ÆôÓÃÇ¿ÃÜÂëÕ½Êõ²¢ÉèÖÃΪ¶¨ÆÚÅú¸Ä¡£


3.4 ²Î¿¼Á´½Ó


https://msrc.microsoft.com/update-guide/releaseNote/2025-May