U.S. CISA adds Microsoft SharePoint Server, and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog
2026-4-15 14:3:57 Author: securityaffairs.com

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint Server and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft SharePoint Server and Microsoft Office Excel flaws to its Known Exploited Vulnerabilities (KEV) catalog.

Below are the flaws added to the catalog:

  • CVE-2009-0238 Microsoft Office Remote Code Execution Vulnerability
  • CVE-2026-32201 Microsoft SharePoint Server Improper Input Validation Vulnerability 

The first vulnerability added, tracked as CVE-2009-0238 (CVSS score of 9.3), affects multiple versions of Microsoft Excel and related viewers. It is triggered when a user opens a specially crafted Excel file that causes the application to access an invalid object in memory. This leads to memory corruption, allowing a remote attacker to execute arbitrary code on the affected system with the privileges of the user.

The vulnerability was actively exploited in the wild in February 2009, notably by the Trojan.Mdropper.AC malware, making it a significant real-world threat at the time.

The second flaw added to the catalog, tracked as CVE-2026-32201, is a critical SharePoint zero-day actively exploited in attacks in the wild, as reported by Microsoft.

CVE-2026-32201 (CVSS score of 6.5) is a spoofing vulnerability in Microsoft SharePoint Server, likely related to cross-site scripting (XSS). While details are limited, it could allow attackers to view or modify exposed information. Microsoft has not disclosed how widespread exploitation is, but given the potential impact, organizations, especially those with internet-facing SharePoint servers, should prioritize testing and applying the patch quickly.

“Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network,” reads the advisory. “An attacker who successfully exploited the vulnerability could view some sensitive information (Confidentiality), make changes to disclosed information (Integrity), but cannot limit access to the resource (Availability).” Microsoft’s advisory lists the flaw as “Exploitation Detected.”

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts also recommend that private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix the vulnerabilities by April 28, 2026.
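The BOD 22-01 workflow described above (match KEV entries against your own asset inventory, then track each entry's due date) as an added Python example; this is not code from the article or from CISA. The sample feed is constructed to mirror the field names of CISA's public KEV JSON, with only the two entries and the April 28, 2026 due date named in the article; the product strings and inventory pairs are assumptions.

```python
import json
from datetime import date

# Constructed sample shaped like CISA's KEV JSON feed (field names match the
# public feed; entries limited to the two CVEs in the article, product strings assumed).
KEV_SAMPLE = json.dumps({
    "vulnerabilities": [
        {"cveID": "CVE-2009-0238", "vendorProject": "Microsoft", "product": "Office",
         "vulnerabilityName": "Microsoft Office Remote Code Execution Vulnerability",
         "dueDate": "2026-04-28"},
        {"cveID": "CVE-2026-32201", "vendorProject": "Microsoft", "product": "SharePoint Server",
         "vulnerabilityName": "Microsoft SharePoint Server Improper Input Validation Vulnerability",
         "dueDate": "2026-04-28"},
    ],
})


def parse_kev(raw):
    """Parse the KEV JSON text; dueDate is converted to a datetime.date."""
    entries = []
    for v in json.loads(raw)["vulnerabilities"]:
        e = dict(v)
        e["dueDate"] = date.fromisoformat(v["dueDate"])
        entries.append(e)
    return entries


def match_inventory(entries, inventory):
    """Keep only entries whose (vendorProject, product) pair is in the asset inventory."""
    return [e for e in entries if (e["vendorProject"], e["product"]) in inventory]


def remediation_status(entries, today_iso):
    """Bucket entries by BOD 22-01 due date: overdue, due_soon (<= 7 days), or open."""
    today = date.fromisoformat(today_iso)
    status = {"overdue": [], "due_soon": [], "open": []}
    for e in entries:
        days_left = (e["dueDate"] - today).days
        if days_left < 0:
            status["overdue"].append(e["cveID"])
        elif days_left <= 7:
            status["due_soon"].append(e["cveID"])
        else:
            status["open"].append(e["cveID"])
    return status


if __name__ == "__main__":
    inventory = {("Microsoft", "SharePoint Server")}  # assumed inventory entry
    hits = match_inventory(parse_kev(KEV_SAMPLE), inventory)
    print(remediation_status(hits, "2026-04-22"))
```

Against the live feed, replace KEV_SAMPLE with the downloaded JSON text and the inventory set with your CMDB export.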

Pierluigi Paganini

(SecurityAffairs – hacking, CISA)

Article source: https://securityaffairs.com/190852/hacking/u-s-cisa-adds-microsoft-sharepoint-server-and-microsoft-office-excel-flaws-to-its-known-exploited-vulnerabilities-catalog.html