¡¾·ì϶¹«¸æ¡¿Î¢Èí3Ô¶à¸ö°²È«·ì϶

°ä²¼¹¦·ò 2026-03-11

Ò»¡¢·ì϶¸ÅÊö


2026Äê3ÔÂ11ÈÕ£¬£¬OG¶«·½Ìü°²È«Ó¦¼±ÏìÓ¦ÖÐÐÄ£¨VSRC£©¼à²âµ½Î¢Èí°ä²¼ÁË3Ô°²È«¸üУ¬£¬±¾´Î¸üÐÂÐÞ¸´ÁË83¸ö·ì϶£¬£¬º­¸ÇÌØȨÌáÉý¡¢Ô¶³Ì´úÂëÖ´ÐС¢ÐÅϢй¶µÈ¶àÖÖ·ì϶ÀàÐÍ¡£¡£¡£¡£·ì϶¼¶±ðÉ¢²¼ÈçÏ£º£º8¸öÑÏÖؼ¶±ð·ì϶£¬£¬75¸öÖØÒª¼¶±ð·ì϶£¨·ì϶¼¶±ðƾ¾Ý΢Èí¹Ù·½Êý¾Ý£©¡£¡£¡£¡£


ÆäÖУ¬£¬6¸ö·ì϶±»Î¢ÈíÏóÕ÷Ϊ¡°¸ü¿ÉÄܱ»ÀûÓá±¼°¡°¼ì²âÀûÓÃÇé¾°¡±£¬£¬Åú×¢ÕâЩ·ì϶´æÔڽϸߵÄÀûÓ÷çÏÕ£¬£¬½¨ÒéÓÅÏÈÐÞ¸´ÒÔ½µµÍDZÔÚ°²È«Íþв¡£¡£¡£¡£


CVE-ID

CVE ±êÌâ

·ì϶¼¶±ð

CVE-2026-23668

Windows ͼÐÎ×é¼þÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24289

Windows ÄÚºËÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24291

Windows ¸¨ÖúÖ°ÄÜ»ù´¡ÉèÊ© (ATBroker.exe) ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24294

Windows SMB Server Elevation of Privilege Vulnerability

ÖØÒª

CVE-2026-25187

Winlogon ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-26132

Windows ÄÚºËÌØȨÌáÉý·ì϶

ÖØÒª


΢Èí3Ô¸üÐÂÐÞ¸´µÄÆëÈ«·ì϶ÁбíÈçÏ£º£º


CVE-ID

CVE ±êÌâ

·ì϶¼¶±ð

CVE-2026-20967

System Center Operations Manager (SCOM) ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-21262

SQL ·þÎñÆ÷ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-21536

Microsoft É豸¶¨¼Û´òËãÔ¶³Ì´úÂëÖ´Ðзì϶

ÑÏÖØ

CVE-2026-23651

Microsoft ACI ±£ÃÜÈÝÆ÷ÌØȨÌáÉý·ì϶

ÑÏÖØ

CVE-2026-23654

GitHub£º£ºZero Shot SCFoundation Ô¶³Ì´úÂëÖ´Ðзì϶

ÖØÒª

CVE-2026-23656

Windows ÀûÓÃ×°Ö÷¨Ê½ºýŪ·ì϶

ÖØÒª

CVE-2026-23660

Azure ÃÅ»§ÖÐµÄ Windows Admin Center ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-23661

Azure IoT Explorer ÐÅϢй¶·ì϶

ÖØÒª

CVE-2026-23662

Azure IoT Explorer ÐÅϢй¶·ì϶

ÖØÒª

CVE-2026-23664

Azure IoT Explorer ÐÅϢй¶·ì϶

ÖØÒª

CVE-2026-23665

Linux Azure Õï¶ÏÀ©´ó (LAD) ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-23667

¹ã²¥DVR ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-23668

Windows ͼÐÎ×é¼þÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-23669

Windows ´òÓ¡ºó¶Ü´¦Ö÷¨Ê½Ô¶³ÌÖ´ÐдúÂë·ì϶

ÖØÒª

CVE-2026-23671

Windows À¶ÑÀ RFCOMM ºÍ̸Çý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-23672

Windows ͨÓôÅÅÌÌåʽÎļþϵͳÇý¶¯·¨Ê½ (UDFS) ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-23673

Windows Resilient Îļþϵͳ (ReFS) ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-23674

MapUrlToZone °²È«Ö°ÄÜÈƹý·ì϶

ÖØÒª

CVE-2026-24282

ÍÆËÍÐÂÎÅ·ÓÉ·þÎñÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24283

¶àUNC Ìṩ·¨Ê½ÄÚºËÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24285

Win32k ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24287

Windows ÄÚºËÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24288

Windows Òƶ¯¿í´øÇý¶¯·¨Ê½Ô¶³Ì´úÂëÖ´Ðзì϶

ÖØÒª

CVE-2026-24289

Windows ÄÚºËÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24290

Windows ͶӰÎļþϵͳÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24291

Windows ¸¨ÖúÖ°ÄÜ»ù´¡ÉèÊ© (ATBroker.exe) ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24292

Windows »¥ÁªÉ豸ƽ̨·þÎñÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24293

WinSock µÄ Windows ¸¨ÖúÖ°ÄÜÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24294

Windows SMB Server Elevation of Privilege Vulnerability

ÖØÒª

CVE-2026-24295

Windows É豸¹ØÁª·þÎñÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24296

Windows É豸¹ØÁª·þÎñÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-24297

Windows Kerberos °²È«Ö°ÄÜÈƹý·ì϶

ÖØÒª

CVE-2026-25165

Õë¶ÔWindows ÌØȨÌáÉý·ì϶µÄ»úÄܼÆÊýÆ÷

ÖØÒª

CVE-2026-25166

Windows ϵͳӳÏñÖÎÀíÆ÷ÆÀ¹ÀºÍ²¿Ê𹤾߰ü (ADK) Ô¶³Ì´úÂëÖ´Ðзì϶

ÖØÒª

CVE-2026-25167

Microsoft ´úÀíÎļþϵͳÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-25168

Windows ͼÐÎ×é¼þ»Ø¾ø·þÎñ·ì϶

ÖØÒª

CVE-2026-25169

Windows ͼÐÎ×é¼þ»Ø¾ø·þÎñ·ì϶

ÖØÒª

CVE-2026-25170

Windows Hyper-V ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-25171

Windows Éí·ÝÑéÖ¤ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-25172

Windows ·ÓɺÍÔ¶³Ì½Ó¼û·þÎñ (RRAS) Ô¶³Ì´úÂëÖ´Ðзì϶

ÖØÒª

CVE-2026-25173

Windows ·ÓɺÍÔ¶³Ì½Ó¼û·þÎñ (RRAS) Ô¶³Ì´úÂëÖ´Ðзì϶

ÖØÒª

CVE-2026-25174

Windows ¿ÉÀ©´óÎļþ·ÖÅä±íÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-25175

Windows NTFS ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-25176

WinSock µÄ Windows ¸¨ÖúÖ°ÄÜÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-25177

Active Directory Domain Services Elevation of Privilege Vulnerability

ÖØÒª

CVE-2026-25178

WinSock µÄ Windows ¸¨ÖúÖ°ÄÜÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-25179

WinSock µÄ Windows ¸¨ÖúÖ°ÄÜÇý¶¯·¨Ê½ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-25180

Windows ͼÐÎ×é¼þÐÅϢй¶·ì϶

ÖØÒª

CVE-2026-25181

GDI+ ÐÅϢй¶·ì϶

ÖØÒª

CVE-2026-25185

Windows Shell Á´½Ó´¦ÖúýŪ·ì϶

ÖØÒª

CVE-2026-25186

Windows ¸¨ÖúÖ°ÄÜ»ù´¡ÉèÊ© (ATBroker.exe) ÐÅϢй¶·ì϶

ÖØÒª

CVE-2026-25187

Winlogon ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-25188

Windows µç»°·þÎñÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-25189

Windows DWM Ö÷Ìâ¿âÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-25190

GDI Ô¶³ÌÖ´ÐдúÂë·ì϶

ÖØÒª

CVE-2026-26105

Microsoft SharePoint Server ºýŪ·ì϶

ÖØÒª

CVE-2026-26106

Microsoft SharePoint Server Ô¶³ÌÖ´ÐдúÂë·ì϶

ÖØÒª

CVE-2026-26107

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

ÖØÒª

CVE-2026-26108

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

ÖØÒª

CVE-2026-26109

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

ÖØÒª

CVE-2026-26110

Microsoft Office Ô¶³ÌÖ´ÐдúÂë·ì϶

ÑÏÖØ

CVE-2026-26111

Windows ·ÓɺÍÔ¶³Ì½Ó¼û·þÎñ (RRAS) Ô¶³Ì´úÂëÖ´Ðзì϶

ÖØÒª

CVE-2026-26112

Microsoft Excel Ô¶³ÌÖ´ÐдúÂë·ì϶

ÖØÒª

CVE-2026-26113

Microsoft Office Ô¶³ÌÖ´ÐдúÂë·ì϶

ÑÏÖØ

CVE-2026-26114

Microsoft SharePoint Server Ô¶³ÌÖ´ÐдúÂë·ì϶

ÖØÒª

CVE-2026-26115

SQL ·þÎñÆ÷ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-26116

SQL ·þÎñÆ÷ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-26117

ÒÑÆôÓÃArc µÄ·þÎñÆ÷ - Azure Connected Machine Agent ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-26118

Azure MCP ·þÎñÆ÷¹¤¾ßÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-26121

Azure IOT Explorer ºýŪ·ì϶

ÖØÒª

CVE-2026-26122

Microsoft ACI ±£ÃÜÈÝÆ÷ÐÅϢй¶·ì϶

ÑÏÖØ

CVE-2026-26123

Microsoft Authenticator ÐÅϢй¶·ì϶

ÖØÒª

CVE-2026-26124

Microsoft ACI ±£ÃÜÈÝÆ÷ÌØȨÌáÉý·ì϶

ÑÏÖØ

CVE-2026-26125

Ö§¸¶ÒµÎñÁ÷³ÌЭµ÷·¨Ê½·þÎñÌØȨÌáÉý·ì϶

ÑÏÖØ

CVE-2026-26127

.NET »Ø¾ø·þÎñ·ì϶

ÖØÒª

CVE-2026-26128

Windows SMB Server Elevation of Privilege Vulnerability

ÖØÒª

CVE-2026-26130

ASP.NET Core »Ø¾ø·þÎñ·ì϶

ÖØÒª

CVE-2026-26131

.NET ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-26132

Windows ÄÚºËÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-26134

Microsoft Office ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-26141

»ìºÏ¸¨Öú½ÇÉ«À©´ó£¨ÆôÓÃArc µÄ Windows VM£©ÌØȨÌáÉý·ì϶

ÖØÒª

CVE-2026-26144

Microsoft Excel ÐÅϢй¶·ì϶

ÑÏÖØ

CVE-2026-26148

Õë¶ÔLinux ÌØȨÌáÉý·ì϶µÄ Microsoft Azure AD SSH µÇ¼À©´ó

ÖØÒª


¶þ¡¢Ó°ÏìÁìÓò


ÊÜÓ°ÏìµÄ²úÆ·/Ö°ÄÜ/·þÎñ/×é¼þÔ̺¬£º£º


System Center Operations Manager

SQL Server

Microsoft Devices Pricing Program

Azure Compute Gallery

GitHub Repo: zero-shot-scfoundation

Windows App Installer

Azure Portal Windows Admin Center

Azure IoT Explorer

Azure Linux Virtual Machines

Broadcast DVR

Microsoft Graphics Component

Windows Print Spooler Components

Windows Bluetooth RFCOM Protocol Driver

Windows Universal Disk Format File System Driver (UDFS)

Windows Resilient File System (ReFS)

Windows MapUrlToZone

Push Message Routing Service

Windows File Server

Windows Win32K

Windows Kernel

Windows Mobile Broadband

Windows Projected File System

Windows Accessibility Infrastructure (ATBroker.exe)

Connected Devices Platform Service (Cdpsvc)

Windows Ancillary Function Driver for WinSock

Windows SMB Server

Windows Device Association Service

Windows Kerberos

Windows Performance Counters

Windows System Image Manager

Microsoft Brokering File System

Role: Windows Hyper-V

Windows Authentication Methods

Windows Routing and Remote Access Service (RRAS)

Windows Extensible File Allocation

Windows NTFS

Active Directory Domain Services

Windows GDI+

Windows Shell Link Processing

Winlogon

Windows Telephony Service

Windows DWM Core Library

Windows GDI

Microsoft Office SharePoint

Microsoft Office Excel

Microsoft Office

Azure Windows Virtual Machine Agent

Azure MCP Server

Microsoft Authenticator

Payment Orchestrator Service

.NET

ASP.NET Core

Azure Arc

Azure Entra ID


Èý¡¢°²È«´ëÊ©


3.1 Éý¼¶°æ±¾


Ŀǰ΢ÈíÒÑ°ä²¼Óйذ²È«¸üУ¬£¬½¨ÒéÊÜÓ°ÏìµÄÓû§¾¡¿ìÐÞ¸´¡£¡£¡£¡£


£¨Ò»£©Windows Update×Ô¶¯¸üÐÂ


Microsoft UpdateĬÈÏÆôÓ㬣¬µ±ÏµÍ³¼ì²âµ½¿ÉÓøüÐÂʱ£¬£¬½«»á×Ô¶¯ÏÂÔظüв¢±ÉÈËÒ»´ÎÆô¶¯Ê±×°Öᣡ£¡£¡£Ò²¿ÉÑ¡Ôñͨ¹ýÒÔϲ½ÖèÊÖ¶¯½øÐиüУº£º


1¡¢µã»÷¡°ÆðÍ·²Ëµ¥¡±»ò°´Windows¿ì½Ý¼ü£¬£¬µã»÷½øÈë¡°ÉèÖá±

2¡¢Ñ¡Ôñ¡°¸üкͰ²È«¡±£¬£¬½øÈë¡°Windows¸üС±£¨Windows 8¡¢Windows 8.1¡¢Windows Server 2012ÒÔ¼°Windows Server 2012 R2¿Éͨ¹ý½ÚÖÆÃæ°å½øÈë¡°Windows¸üС±£¬£¬¾ßÌå²½ÖèΪ¡°½ÚÖÆÃæ°å¡±->¡°ÏµÍ³ºÍ°²È«¡±->¡°Windows¸üС±£©

3¡¢Ñ¡Ôñ¡°²é³­¸üС±£¬£¬ÆÚ´ýϵͳ×Ô¶¯²é³­²¢ÏÂÔØ¿ÉÓøüС£¡£¡£¡£

4¡¢¸üÐÂʵÏÖºóÖØÆôÍÆËã»ú£¬£¬¿Éͨ¹ý½øÈë¡°Windows¸üС±->¡°²é¿´¸üк¹Çà¼Í¼¡±²é¿´ÊÇ·ñ³É¹¦×°ÖÃÁ˸üС£¡£¡£¡£¶ÔÓÚûÓгɹ¦×°ÖõĸüУ¬£¬Äܹ»µã»÷¸Ã¸üÐÂÃû³Æ½øÈë΢Èí¹Ù·½¸üÐÂÃèÊöÁ´½Ó£¬£¬µã»÷×îеÄSSUÃû³Æ²¢ÔÚÐÂÁ´½ÓÖеã»÷¡°Microsoft ¸üÐÂĿ¼¡±£¬£¬¶øºóÔÚÐÂÁ´½Óµ±Ñ¡ÔñºÏÓÃÓÚÖ¸±êϵͳµÄ²¹¶¡½øÐÐÏÂÔز¢×°Öᣡ£¡£¡£


£¨¶þ£©ÊÖ¶¯×°ÖøüÐÂ


Microsoft¹Ù·½ÏÂÔØÏàÓ¦²¹¶¡½øÐиüС£¡£¡£¡£


2026Äê3Ô°²È«¸üÐÂÏÂÔØÁ´½Ó£º£º

https://msrc.microsoft.com/update-guide/releaseNote/2026-Mar


²¹¶¡ÏÂÔØʾÀý£¨²Î¿¼£©£º£º


1.´ò¿ªÉÏÊöÏÂÔØÁ´½Ó£¬£¬µã»÷·ì϶ÁбíÖÐÒªÐÞ¸´µÄCVEÁ´½Ó¡£¡£¡£¡£


ͼƬ1.png

Àý1£º£ºÎ¢Èí·ì϶ÁÐ±í£¨Ê¾Àý£©


2.ÔÚ΢Èí²¼¸æÒ³Ãæµ×²¿×ó²à¡¾²úÆ·¡¿ÁÐÑ¡ÔñÏàÓ¦µÄϵͳÀàÐÍ£¬£¬µã»÷ÓҲࡾÏÂÔØ¡¿Áдò¿ª²¹¶¡ÏÂÔØÁ´½Ó¡£¡£¡£¡£


ͼƬ2.png

Àý2£º£ºCVE-2022-21989²¹¶¡ÏÂÔØʾÀý


3.µã»÷¡¾°²È«¸üС¿£¬£¬´ò¿ª²¹¶¡ÏÂÔØÒ³Ã棬£¬ÏÂÔØÏàÓ¦²¹¶¡²¢½øÐÐ×°Öᣡ£¡£¡£


ͼƬ3.png

Àý3£º£º²¹¶¡ÏÂÔؽçÃæ


4.×°ÖÃʵÏÖºóÖØÆôÍÆËã»ú¡£¡£¡£¡£


3.2 Ò»Ê±´ëÊ©


ÔÝÎÞ¡£¡£¡£¡£


3.3 ͨÓý¨Òé


? ¶¨ÆÚ¸üÐÂϵͳ²¹¶¡£¬£¬Ï÷¼õϵͳ·ì϶£¬£¬ÌáÉý·þÎñÆ÷µÄ°²È«ÐÔ¡£¡£¡£¡£

¼ÓǿϵͳºÍÍøÂçµÄ½Ó¼û½ÚÖÆ£¬£¬Åú¸Ä·À»ðǽսÊõ£¬£¬¹Ø±Õ·Ç±ØÒªµÄÀûÓö˿ڻò·þÎñ£¬£¬Ï÷¼õ½«Î£ÏÕ·þÎñ£¨ÈçSSH¡¢RDPµÈ£©Â¶³öµ½¹«Íø£¬£¬Ï÷¼õ¹¥»÷Ãæ¡£¡£¡£¡£

ʹÓÃÆóÒµ¼¶°²È«²úÆ·£¬£¬ÌáÉýÆóÒµµÄÍøÂ簲ȫ»úÄÜ¡£¡£¡£¡£

¼ÓǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬£¬ÆôÓöà³É·ÖÈÏÖ¤»úÖƺÍ×îСȨÏÞ×¼Ôò£¬£¬Óû§ºÍÈí¼þȨÏÞӦά³ÖÔÚ×îµÍÏ޶ȡ£¡£¡£¡£

ÆôÓÃÇ¿ÃÜÂëÕ½Êõ²¢ÉèÖÃΪ¶¨ÆÚÅú¸Ä¡£¡£¡£¡£


3.4 ²Î¿¼Á´½Ó


https://msrc.microsoft.com/update-guide/releaseNote/2026-Mar