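Published: September 8, 2021
Type: Ransomware
Vulnerability Description
On September 8, 2021, AsiaInfo Security CERT observed that Microsoft had issued an urgent advisory for a remote code execution vulnerability (CVE-2021-40444) in the Microsoft MSHTML component. By exploiting this vulnerability, a remote attacker can lure a victim into opening a crafted malicious Microsoft Office document that contains an ActiveX control. When the vulnerability is successfully triggered, the attacker can execute arbitrary code on the victim's machine with that user's privileges. The vulnerability is rated high severity.
Microsoft has not yet released a patch for this vulnerability. Because it is already being exploited in the wild, AsiaInfo Security CERT recommends carrying out self-checks and applying defensive measures promptly to block attacks that use this vulnerability.
Vulnerability ID
CVE-2021-40444
Vulnerability Type
High severity, remote code execution, CVSS: 8.8
Remediation Recommendations
Official temporary workaround:
Disable ActiveX controls in Internet Explorer to mitigate attacks that use this vulnerability (with this method, previously installed ActiveX controls will continue to run, but the vulnerability will not be triggered):
1. Create a file with the .reg file extension and save the following content in it: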
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]
"1001"=dword:00000003
"1004"=dword:00000003
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]
"1001"=dword:00000003
"1004"=dword:00000003
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]
"1001"=dword:00000003
"1004"=dword:00000003
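2. Double-click the file to apply it to the policy configuration.
3. Restart the system.
Note
Using Registry Editor incorrectly can cause serious problems, such as having to reinstall the operating system. Use the solution above to apply the workaround, and make a backup beforehand if necessary.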
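To confirm after the restart that the workaround is in effect, the following read-only PowerShell check can be run. It is an added example, not part of the original advisory or Microsoft's guidance; the function name Test-ActiveXPolicy is hypothetical, and the zones and value names are taken from the .reg content above.

```powershell
# Added example: read-only audit of the policy values written by the .reg file above.
# 1001 / 1004 are the zone actions for downloading signed / unsigned ActiveX
# controls; a data value of 3 means "disable".
$BasePath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$Zones    = 0, 1, 2          # zones listed in the .reg file above
$Names    = '1001', '1004'   # value names set by the .reg file
$Expected = 3                # dword:00000003

function Test-ActiveXPolicy {
    foreach ($zone in $Zones) {
        $key = Join-Path $BasePath "$zone"
        foreach ($name in $Names) {
            $actual = $null
            # A missing key or value means the policy was never applied.
            if (Test-Path -LiteralPath $key) {
                $item = Get-ItemProperty -LiteralPath $key -Name $name -ErrorAction SilentlyContinue
                if ($null -ne $item) { $actual = $item.$name }
            }
            [pscustomobject]@{
                Zone      = $zone
                Value     = $name
                Actual    = if ($null -eq $actual) { '<not set>' } else { $actual }
                Compliant = ($actual -eq $Expected)
            }
        }
    }
}

$results = @(Test-ActiveXPolicy)
$results | Format-Table -AutoSize

if ($results.Compliant -contains $false) {
    Write-Warning 'One or more zone policy values are missing or not set to 3; re-apply the .reg file.'
    exit 1
}
Write-Output 'All listed zone policy values are set to 3.'
```

The non-zero exit code on failure lets the script be used from a management tool to flag hosts where the workaround is absent.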
Affected Versions
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Reference Links
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444