Microsoft Windows與Office存在5個高風險安全漏洞,請儘速確認並進行修補
- 發布單位:TWCERT/CC
- 更新日期:2026-03-02
- 點閱次數:441
- 內容說明
研究人員發現Microsoft Windows與Office存在5個高風險安全漏洞,類型包含安全功能繞過(Security Feature Bypass)漏洞(CVE-2026-21510、CVE-2026-21513及CVE-2026-21514)與本機提權(Local Privilege Escalation)漏洞(CVE-2026-21519與CVE-2026-21533),前者可使未經身分鑑別之攻擊者於使用者互動情境下繞過系統安全機制;後者可使已通過身分鑑別之攻擊者在既有權限基礎上提升權限。以上漏洞皆已遭駭客利用,請儘速確認並進行修補。
- 影響平台
Microsoft 365 Apps for Enterprise for 32-bit Systems
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Office LTSC 2021 for 32-bit editions
Microsoft Office LTSC 2021 for 64-bit editions
Microsoft Office LTSC 2024 for 32-bit editions
Microsoft Office LTSC 2024 for 64-bit editions
Microsoft Office LTSC for Mac 2021
Microsoft Office LTSC for Mac 2024
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 11 Version 23H2 for x64-based Systems
Windows 11 Version 24H2 for ARM64-based Systems
Windows 11 Version 24H2 for x64-based Systems
Windows 11 Version 25H2 for ARM64-based Systems
Windows 11 Version 25H2 for x64-based Systems
Windows 11 Version 26H1 for ARM64-based Systems
Windows 11 Version 26H1 for x64-based Systems
Windows Server 2012
Windows Server 2012(Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2(Server Core installation)
Windows Server 2016
Windows Server 2016(Server Core installation)
Windows Server 2019
Windows Server 2019(Server Core installation)
Windows Server 2022
Windows Server 2022(Server Core installation)
Windows Server 2022, 23H2 Edition(Server Core installation)
Windows Server 2025
Windows Server 2025(Server Core installation)
- 處置建議
官方已針對漏洞釋出修復更新,請參考官方說明進行更新,網址如下:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21510
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21513
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21514
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21519
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21533