20130612,微软6月12日发布5个安全补丁

大家好,我们是微软大中华区安全支持团队。

微软于北京时间612日清晨发布5个安全补丁,其中1个为最高级别严重等级,4个为重要等级,共修复、Microsoft WindowsMicrosoft OfficeInternet Explorer中的23个安全漏洞。请特别优先部署严重等级补丁MS13-047MS13-051

<wbr></wbr>

MS13-047| Internet Explorer的累积性安全更新

此安全更新解决Internet Explorer中的19个安全漏洞。这些漏洞可能在用户使用Internet Explorer查看特制网页时允许远程执行代码。成功利用这些漏洞的攻击者可以获得与当前用户相同的用户权限。该更新对于所有受支持的Windows系统中的所有IE版本均为严重等级。该漏洞属于秘密报告的漏洞,目前尚未发现针对该漏洞的攻击以及受影响的用户。

<wbr></wbr>

MS13-051| Microsoft Office可引发远程代码执行漏洞

该安全更新解决了Microsoft Office中的一个秘密报告的漏洞,当用户使用受影响的Microsoft Office软件打开特制的Office文件或者在Outlook中使用Word预览或打开邮件附件的时候,该漏洞可能引发远程代码执行。该漏洞对于Microsoft Office 2003Office for Mac 2011均为严重等级。尽管该漏洞是秘密披露的,但是我们发现了针对该漏洞仅有的一些攻击。

<wbr></wbr>

微软此次还发布了安全通报2854544,在今后的几个月中,微软将通过更新该安全通报来发布一个有关提升Windows加密及私钥管理的新功能。在Windows 8Windows Server 2012Windows RT中已经自带该功能,现在对于从Windows VistaWindows 7系统,也将提供该功能。

<wbr></wbr>

下表概述了本月的安全公告(按严重等级和公告ID排序):

Bulletin ID

Bulletin Title and Executive Summary

Maximum Severity Rating and Vulnerability Impact

Restart Requirement

Affected Software

MS13-047

Cumulative Security Update for Internet Explorer (2838727)

This security update resolves nineteen privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the most severe of these vulnerabilities could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Critical
Remote Code Execution

Requires restart

Microsoft Windows,
Internet Explorer

MS13-048

Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229)

This security update resolves one privately reported vulnerability in Windows. The vulnerability could allow information disclosure if an attacker logs on to a system and runs a specially crafted application or convinces a local, logged-in user to run a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. Note that this vulnerability would not allow an attacker to execute code or to elevate their user rights directly, but it could be used to produce information that could be used to try to further compromise an affected system.

Important
Information Disclosure

Requires restart

Microsoft Windows

MS13-049

Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690)

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow denial of service if an attacker sends specially crafted packets to the server. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter.

Important
Denial of Service

Requires restart

Microsoft Windows

MS13-050

Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege (2839894)

This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege when an authenticated attacker deletes a printer connection. An attacker must have valid logon credentials and be able to log on to exploit this vulnerability.

Important
Elevation of privilege

Requires restart

Microsoft Windows

MS13-051

Vulnerability in Microsoft Office Could Allow Remote Code Execution (2839571)

This security update resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user opens a specially crafted Office document using an affected version of Microsoft Office software, or previews or opens a specially crafted email message in Outlook while using Microsoft Word as the email reader. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Important
Remote Code Execution

May require restart

Microsoft Office

<wbr></wbr>

详细信息请参考20136月安全公告摘要:

http://technet.microsoft.com/zh-CN/security/bulletin/ms13-jun

微软安全响应中心博客文章(英文)

http://blogs.technet.com/b/msrc/archive/2013/06/11/improved-cryptography-and-the-june-2013-bulletins.aspx

<wbr></wbr>

微软大中华区安全支持团队

内容概要:本文详细介绍了如何使用STM32微控制器精确控制步进电机,涵盖了从原理到代码实现的全过程。首先,解释了步进电机的工作原理,包括定子、转子的构造及其通过脉冲信号控制转动的方式。接着,介绍了STM32的基本原理及其通过GPIO端口输出控制信号,配合驱动器芯片放大信号以驱动电机运转的方法。文中还详细描述了硬件搭建步骤,包括所需硬件的选择与连接方法。随后提供了基础控制代码示例,演示了如何通过定义控制引脚、编写延时函数和控制电机转动函数来实现步进电机的基本控制。最后,探讨了进阶优化技术,如定时器中断控制、S形或梯形加减速曲线、微步控制及DMA传输等,以提升电机运行的平稳性和精度。 适合人群:具有嵌入式系统基础知识,特别是对STM32和步进电机有一定了解的研发人员和技术爱好者。 使用场景及目标:①学习步进电机与STM32的工作原理及二者结合的具体实现方法;②掌握硬件连接技巧,确保各组件间正确通信;③理解并实践基础控制代码,实现步进电机的基本控制;④通过进阶优化技术的应用,提高电机控制性能,实现更精细和平稳的运动控制。 阅读建议:本文不仅提供了详细的理论讲解,还附带了完整的代码示例,建议读者在学习过程中动手实践,结合实际硬件进行调试,以便更好地理解和掌握步进电机的控制原理和技术细节。同时,对于进阶优化部分,可根据自身需求选择性学习,逐步提升对复杂控制系统的理解。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值