¡¾·ì϶¹«¸æ¡¿Î¢Èí3Ô¶à¸ö°²È«·ì϶

°ä²¼¹¦·ò 2026-03-11

Ò»¡¢·ì϶¸ÅÊö


2026Äê3ÔÂ11ÈÕ£¬±¦ÔËÀ³¹Ù·½ÍøÕ¾°²È«Ó¦¼±ÏìÓ¦ÖÐÐÄ£¨VSRC£©¼à²âµ½Î¢Èí°ä²¼ÁË3Ô°²È«¸üУ¬±¾´Î¸üн¨¸´ÁË83¸ö·ì϶£¬º­¸ÇÌØȨÌáÉý¡¢Ô¶³Ì´úÂëÖ´ÐÓ×¢ÐÅϢй¶µÈ¶àÖÖ·ì϶ÀàÐÍ¡£·ì϶¼¶±ðÉ¢²¼ÈçÏ£º8¸öÑϳÁ¼¶±ð·ì϶£¬75¸ö³ÁÒª¼¶±ð·ì϶£¨·ì϶¼¶±ðƾ¾Ý΢Èí¹Ù·½Êý¾Ý£©¡£


ÆäÖУ¬6¸ö·ì϶±»Î¢ÈíÏóÕ÷Ϊ¡°¸ü¿ÉÄܱ»ÀûÓá±¼°¡°¼ì²âÀûÓÃÇé¾°¡±£¬Åú×¢ÕâЩ·ì϶´æÔڽϸߵÄÀûÓ÷çÏÕ£¬½¨ÒéÓÅÏȽ¨¸´ÒÔ½µµÍDZÔÚ°²È«Íþв¡£


CVE-ID

CVE ±êÌâ

·ì϶¼¶±ð

CVE-2026-23668

Windows ͼÐÎ×é¼þÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24289

Windows ÄÚºËÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24291

Windows ¸¨ÖúÖ°ÄÜ»ù´¡ÉèÊ© (ATBroker.exe) ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24294

Windows SMB Server Elevation of Privilege Vulnerability

³ÁÒª

CVE-2026-25187

Winlogon ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-26132

Windows ÄÚºËÌØȨÌáÉý·ì϶

³ÁÒª


΢Èí3Ô¸üн¨¸´µÄÆëÈ«·ì϶ÁбíÈçÏ£º


CVE-ID

CVE ±êÌâ

·ì϶¼¶±ð

CVE-2026-20967

System Center Operations Manager (SCOM) ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-21262

SQL ·þÎñÆ÷ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-21536

Microsoft É豸¶¨¼Û´òËãÔ¶³Ì´úÂëÖ´Ðзì϶

ÑϳÁ

CVE-2026-23651

Microsoft ACI ±£ÃÜÈÝÆ÷ÌØȨÌáÉý·ì϶

ÑϳÁ

CVE-2026-23654

GitHub£ºZero Shot SCFoundation Ô¶³Ì´úÂëÖ´Ðзì϶

³ÁÒª

CVE-2026-23656

Windows ÀûÓÃ×°Ö÷¨Ê½ºýŪ·ì϶

³ÁÒª

CVE-2026-23660

Azure ÃÅ»§ÖÐµÄ Windows Admin Center ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-23661

Azure IoT Explorer ÐÅϢй¶·ì϶

³ÁÒª

CVE-2026-23662

Azure IoT Explorer ÐÅϢй¶·ì϶

³ÁÒª

CVE-2026-23664

Azure IoT Explorer ÐÅϢй¶·ì϶

³ÁÒª

CVE-2026-23665

Linux Azure Õï¶ÏÀ©´ó (LAD) ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-23667

¹ã²¥DVR ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-23668

Windows ͼÐÎ×é¼þÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-23669

Windows ´òÓ¡ºó¶Ü´¦Ö÷¨Ê½Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2026-23671

Windows À¶ÑÀ RFCOMM ºÍ̸Çý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-23672

Windows ͨÓôÅÅÌÌåʽÎļþϵͳÇý¶¯·¨Ê½ (UDFS) ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-23673

Windows Resilient Îļþϵͳ (ReFS) ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-23674

MapUrlToZone °²È«Ö°ÄÜÈƹý·ì϶

³ÁÒª

CVE-2026-24282

ÍÆËÍÐÂÎÅ·ÓÉ·þÎñÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24283

¶àUNC Ìṩ·¨Ê½ÄÚºËÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24285

Win32k ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24287

Windows ÄÚºËÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24288

Windows Òƶ¯¿í´øÇý¶¯·¨Ê½Ô¶³Ì´úÂëÖ´Ðзì϶

³ÁÒª

CVE-2026-24289

Windows ÄÚºËÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24290

Windows ͶӰÎļþϵͳÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24291

Windows ¸¨ÖúÖ°ÄÜ»ù´¡ÉèÊ© (ATBroker.exe) ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24292

Windows »¥ÁªÉ豸ƽ̨·þÎñÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24293

WinSock µÄ Windows ¸¨ÖúÖ°ÄÜÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24294

Windows SMB Server Elevation of Privilege Vulnerability

³ÁÒª

CVE-2026-24295

Windows É豸¹ØÁª·þÎñÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24296

Windows É豸¹ØÁª·þÎñÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-24297

Windows Kerberos °²È«Ö°ÄÜÈƹý·ì϶

³ÁÒª

CVE-2026-25165

Õë¶ÔWindows ÌØȨÌáÉý·ì϶µÄ»úÄܼÆÊýÆ÷

³ÁÒª

CVE-2026-25166

Windows ϵͳӳÏñÖÎÀíÆ÷ÆÀ¹ÀºÍ²¿Ê𹤾߰ü (ADK) Ô¶³Ì´úÂëÖ´Ðзì϶

³ÁÒª

CVE-2026-25167

Microsoft ´úÀíÎļþϵͳÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-25168

Windows ͼÐÎ×é¼þ»Ø¾ø·þÎñ·ì϶

³ÁÒª

CVE-2026-25169

Windows ͼÐÎ×é¼þ»Ø¾ø·þÎñ·ì϶

³ÁÒª

CVE-2026-25170

Windows Hyper-V ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-25171

Windows Éí·ÝÑéÖ¤ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-25172

Windows ·ÓɺÍÔ¶³Ì½Ó¼û·þÎñ (RRAS) Ô¶³Ì´úÂëÖ´Ðзì϶

³ÁÒª

CVE-2026-25173

Windows ·ÓɺÍÔ¶³Ì½Ó¼û·þÎñ (RRAS) Ô¶³Ì´úÂëÖ´Ðзì϶

³ÁÒª

CVE-2026-25174

Windows ¿ÉÀ©´óÎļþ·ÖÅä±íÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-25175

Windows NTFS ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-25176

WinSock µÄ Windows ¸¨ÖúÖ°ÄÜÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-25177

Active Directory Domain Services Elevation of Privilege Vulnerability

³ÁÒª

CVE-2026-25178

WinSock µÄ Windows ¸¨ÖúÖ°ÄÜÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-25179

WinSock µÄ Windows ¸¨ÖúÖ°ÄÜÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-25180

Windows ͼÐÎ×é¼þÐÅϢй¶·ì϶

³ÁÒª

CVE-2026-25181

GDI+ ÐÅϢй¶·ì϶

³ÁÒª

CVE-2026-25185

Windows Shell Á´½Ó´¦ÖúýŪ·ì϶

³ÁÒª

CVE-2026-25186

Windows ¸¨ÖúÖ°ÄÜ»ù´¡ÉèÊ© (ATBroker.exe) ÐÅϢй¶·ì϶

³ÁÒª

CVE-2026-25187

Winlogon ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-25188

Windows µç»°·þÎñÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-25189

Windows DWM Ö÷Ìâ¿âÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-25190

GDI Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2026-26105

Microsoft SharePoint Server ºýŪ·ì϶

³ÁÒª

CVE-2026-26106

Microsoft SharePoint Server Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2026-26107

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2026-26108

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2026-26109

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2026-26110

Microsoft Office Ô¶³ÌÖ´ÐдúÂë·ì϶

ÑϳÁ

CVE-2026-26111

Windows ·ÓɺÍÔ¶³Ì½Ó¼û·þÎñ (RRAS) Ô¶³Ì´úÂëÖ´Ðзì϶

³ÁÒª

CVE-2026-26112

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2026-26113

Microsoft Office Ô¶³ÌÖ´ÐдúÂë·ì϶

ÑϳÁ

CVE-2026-26114

Microsoft SharePoint Server Ô¶³ÌÖ´ÐдúÂë·ì϶

³ÁÒª

CVE-2026-26115

SQL ·þÎñÆ÷ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-26116

SQL ·þÎñÆ÷ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-26117

ÒÑÆôÓÃArc µÄ·þÎñÆ÷ - Azure Connected Machine Agent ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-26118

Azure MCP ·þÎñÆ÷¹¤¾ßÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-26121

Azure IOT Explorer ºýŪ·ì϶

³ÁÒª

CVE-2026-26122

Microsoft ACI ±£ÃÜÈÝÆ÷ÐÅϢй¶·ì϶

ÑϳÁ

CVE-2026-26123

Microsoft Authenticator ÐÅϢй¶·ì϶

³ÁÒª

CVE-2026-26124

Microsoft ACI ±£ÃÜÈÝÆ÷ÌØȨÌáÉý·ì϶

ÑϳÁ

CVE-2026-26125

Ö§¸¶ÒµÎñÁ÷³ÌЭµ÷·¨Ê½·þÎñÌØȨÌáÉý·ì϶

ÑϳÁ

CVE-2026-26127

.NET »Ø¾ø·þÎñ·ì϶

³ÁÒª

CVE-2026-26128

Windows SMB Server Elevation of Privilege Vulnerability

³ÁÒª

CVE-2026-26130

ASP.NET Core »Ø¾ø·þÎñ·ì϶

³ÁÒª

CVE-2026-26131

.NET ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-26132

Windows ÄÚºËÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-26134

Microsoft Office ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-26141

»ìºÏ¸¨Öú½ÇÉ«À©´ó£¨ÆôÓÃArc µÄ Windows VM£©ÌØȨÌáÉý·ì϶

³ÁÒª

CVE-2026-26144

Microsoft Excel ÐÅϢй¶·ì϶

ÑϳÁ

CVE-2026-26148

Õë¶ÔLinux ÌØȨÌáÉý·ì϶µÄ Microsoft Azure AD SSH µÇ¼À©´ó

³ÁÒª


¶þ¡¢Ó°ÏìÁìÓò


ÊÜÓ°ÏìµÄ²úÆ·/Ö°ÄÜ/·þÎñ/×é¼þÔ̺¬£º


System Center Operations Manager

SQL Server

Microsoft Devices Pricing Program

Azure Compute Gallery

GitHub Repo: zero-shot-scfoundation

Windows App Installer

Azure Portal Windows Admin Center

Azure IoT Explorer

Azure Linux Virtual Machines

Broadcast DVR

Microsoft Graphics Component

Windows Print Spooler Components

Windows Bluetooth RFCOM Protocol Driver

Windows Universal Disk Format File System Driver (UDFS)

Windows Resilient File System (ReFS)

Windows MapUrlToZone

Push Message Routing Service

Windows File Server

Windows Win32K

Windows Kernel

Windows Mobile Broadband

Windows Projected File System

Windows Accessibility Infrastructure (ATBroker.exe)

Connected Devices Platform Service (Cdpsvc)

Windows Ancillary Function Driver for WinSock

Windows SMB Server

Windows Device Association Service

Windows Kerberos

Windows Performance Counters

Windows System Image Manager

Microsoft Brokering File System

Role: Windows Hyper-V

Windows Authentication Methods

Windows Routing and Remote Access Service (RRAS)

Windows Extensible File Allocation

Windows NTFS

Active Directory Domain Services

Windows GDI+

Windows Shell Link Processing

Winlogon

Windows Telephony Service

Windows DWM Core Library

Windows GDI

Microsoft Office SharePoint

Microsoft Office Excel

Microsoft Office

Azure Windows Virtual Machine Agent

Azure MCP Server

Microsoft Authenticator

Payment Orchestrator Service

.NET

ASP.NET Core

Azure Arc

Azure Entra ID


Èý¡¢°²È«´ëÊ©


3.1 Éý¼¶°æ±¾


Ŀǰ΢ÈíÒÑ°ä²¼Óйذ²È«¸üУ¬½¨ÒéÊÜÓ°ÏìµÄÓû§¾¡¿ì½¨¸´¡£


£¨Ò»£©Windows Update×Ô¶¯¸üÐÂ


Microsoft UpdateĬÈÏÆôÓ㬵±ÏµÍ³¼ì²âµ½¿ÉÓøüÐÂʱ£¬½«»á×Ô¶¯ÏÂÔظüв¢±ÉÈËÒ»´ÎÆô¶¯Ê±×°Öá£Ò²¿ÉÑ¡Ôñͨ¹ýÒÔϲ½ÖèÊÖ¶¯½øÐиüУº


1¡¢µã»÷¡°ÆðÍ·²Ëµ¥¡±»ò°´Windows¿ì½Ý¼ü£¬µã»÷½øÈë¡°ÉèÖá±

2¡¢Ñ¡Ôñ¡°¸üкͰ²È«¡±£¬½øÈë¡°Windows¸üС±£¨Windows 8¡¢Windows 8.1¡¢Windows Server 2012ÒÔ¼°Windows Server 2012 R2¿Éͨ¹ý½ÚÔìÃæ°å½øÈë¡°Windows¸üС±£¬¾ßÌå²½ÖèΪ¡°½ÚÔìÃæ°å¡±->¡°ÏµÍ³ºÍ°²È«¡±->¡°Windows¸üС±£©

3¡¢Ñ¡Ôñ¡°²é³­¸üС±£¬ÆÚ´ýϵͳ×Ô¶¯²é³­²¢ÏÂÔØ¿ÉÓøüС£

4¡¢¸üÐÂʵÏÖºó³ÁÆôÍÆËã»ú£¬¿Éͨ¹ý½øÈë¡°Windows¸üС±->¡°²é¿´¸üк¹Çà¼Í¼¡±²é¿´ÊÇ·ñ³É¹¦×°ÖÃÁ˸üС£¶ÔÓÚûÓгɹ¦×°ÖõĸüУ¬Äܹ»µã»÷¸Ã¸üÐÂÃû³Æ½øÈë΢Èí¹Ù·½¸üÐÂÃèÊöÁ´½Ó£¬µã»÷×îеÄSSUÃû³Æ²¢ÔÚÐÂÁ´½ÓÖеã»÷¡°Microsoft ¸üÐÂĿ¼¡±£¬¶øºóÔÚÐÂÁ´½Óµ±Ñ¡ÔñºÏÓÃÓÚÖ¸±êϵͳµÄ²¹¶¡½øÐÐÏÂÔز¢×°Öá£


£¨¶þ£©ÊÖ¶¯×°ÖøüÐÂ


Microsoft¹Ù·½ÏÂÔØÏàÓ¦²¹¶¡½øÐиüС£


2026Äê3Ô°²È«¸üÐÂÏÂÔØÁ´½Ó£º

https://msrc.microsoft.com/update-guide/releaseNote/2026-Mar


²¹¶¡ÏÂÔØʾÀý£¨²Î¿¼£©£º


1.´ò¿ªÉÏÊöÏÂÔØÁ´½Ó£¬µã»÷·ì϶ÁбíÖÐÒª½¨¸´µÄCVEÁ´½Ó¡£


ͼƬ1.png

Àý1£ºÎ¢Èí·ì϶ÁÐ±í£¨Ê¾Àý£©


2.ÔÚ΢Èí²¼¸æÒ³Ãæµ×²¿×ó²à¡¾²úÆ·¡¿ÁÐÑ¡ÔñÏàÓ¦µÄϵͳÀàÐÍ£¬µã»÷ÓҲࡾÏÂÔØ¡¿Áдò¿ª²¹¶¡ÏÂÔØÁ´½Ó¡£


ͼƬ2.png

Àý2£ºCVE-2022-21989²¹¶¡ÏÂÔØʾÀý


3.µã»÷¡¾°²È«¸üС¿£¬´ò¿ª²¹¶¡ÏÂÔØÒ³Ã棬ÏÂÔØÏàÓ¦²¹¶¡²¢½øÐÐ×°Öá£


ͼƬ3.png

Àý3£º²¹¶¡ÏÂÔؽçÃæ


4.×°ÖÃʵÏÖºó³ÁÆôÍÆËã»ú¡£


3.2 Ò»Ê±´ëÊ©


ÔÝÎÞ¡£


3.3 ͨÓý¨Òé


? ¶¨ÆÚ¸üÐÂϵͳ²¹¶¡£¬Ï÷¼õϵͳ·ì϶£¬ÌáÉý·þÎñÆ÷µÄ°²È«ÐÔ¡£

¼ÓǿϵͳºÍÍøÂçµÄ½Ó¼û½ÚÔ죬Åú¸Ä·À»ðǽսÊõ£¬¹Ø¹Ø·Ç±ØÒªµÄÀûÓö˿ڻò·þÎñ£¬Ï÷¼õ½«Î£ÏÕ·þÎñ£¨ÈçSSH¡¢RDPµÈ£©Â¶³öµ½¹«Íø£¬Ï÷¼õ¹¥»÷Ãæ¡£

ʹÓÃÆóÒµ¼¶°²È«²úÆ·£¬ÌáÉýÆóÒµµÄÍøÂ簲ȫ»úÄÜ¡£

¼ÓǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬ÆôÓöà³É·ÖÈÏÖ¤»úÔìºÍ×îÓ×ȨÏÞ×¼Ôò£¬Óû§ºÍÈí¼þȨÏÞӦά³ÖÔÚ×îµÍÏ޶ȡ£

ÆôÓÃÇ¿ÃÜÂëÕ½Êõ²¢ÉèÖÃΪ¶¨ÆÚÅú¸Ä¡£


3.4 ²Î¿¼Á´½Ó


https://msrc.microsoft.com/update-guide/releaseNote/2026-Mar