股票代码:688225
打开微信“扫一扫”,开启安(ān)全数字世界之旅
截图或長(cháng)按保存至相册,使用(yòng)微信扫一扫
高危!Atlassian Confluence遠(yuǎn)程代码执行漏洞安(ān)全风险通告
发布时间 :2021年08月26日
类型 :勒索软件
分(fēn)享:
漏洞描述
2021年9月8日,亚信安(ān)全CERT监测到微软官方针对Microsoft MSHTML组件中(zhōng)存在的遠(yuǎn)程代码执行漏洞(CVE-2021-40444)发布紧急通告。利用(yòng)此漏洞,遠(yuǎn)程攻击者可(kě)诱使受害者打开其制作(zuò)的带有(yǒu)ActiveX控件的恶意Microsoft Office文(wén)档,当漏洞成功触发时,攻击者可(kě)在受害者的机器上以该用(yòng)户权限执行任意代码。漏洞定级為(wèi)高危漏洞。
目前微软官方尚未发布此漏洞的修复补丁,鉴于该漏洞已有(yǒu)在野利用(yòng),亚信安(ān)全CERT建议及时做好自查和防御措施,以阻止该漏洞攻击。
漏洞编号
CVE-2021-40444
漏洞类型
高危,遠(yuǎn)程代码执行,CVSS:8.8
修复建议
官方临时修补方案:
在Internet Explorer中(zhōng)禁用(yòng)ActiveX控件以缓解漏洞攻击(使用(yòng)此方法,以前安(ān)装(zhuāng)的ActiveX控件将继续运行,但漏洞不会被触发):
1.创建.reg文(wén)件扩展名(míng)结尾的文(wén)件,并保存如下内容:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
"1001"=dword:00000003
"1004"=dword:00000003
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]
"1001"=dword:00000003
"1004"=dword:00000003
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
"1001"=dword:00000003
"1004"=dword:00000003
2.双击该文(wén)件,将其应用(yòng)到策略配置。
3.重启系统。
注意
如果注册表编辑器不当使用(yòng)可(kě)能(néng)会存在严重问题,如需重装(zhuāng)系统等,建议使用(yòng)上述的解决方案进行修补,如有(yǒu)必要请事先做好备份。
参考链接
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
参考链接
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444
分(fēn)享到微信
X