首頁 -> 安全研究

安全研究

緊急通告
綠盟科技緊急通告(Alert2007-07)

NSFOCUS安全小組([email protected])
http://www.nsfocus.com

微軟發布6月份安全公告 修復多個嚴重安全漏洞

發布日期:2007-06-13


綜述:
======
微軟發布了6月份的6篇安全公告,這些公告描述并修復了15個安全漏洞,其中7個漏洞屬于“緊急”風險級別。攻擊者利用這些漏洞可能遠程入侵并完全控制客戶端或服務器系統。

我們強烈建議使用Windows操作系統的用戶立刻檢查一下您的系統是否受此漏洞影響,并按照我們提供的解決方法予以解決。

分析:
======
微軟發布了6月份的6篇最新的安全公告:MS07-030到MS07-035。這些安全公告分別描述了15個安全問題,分別是有關各版本的Microsoft Windows、IE、Outlook Express和Windows Mail等產品和服務中的漏洞。

1. MS07-030 Microsoft Visio中的安全漏洞可能允許遠程代碼執行(927051)

    - 受影響軟件:
    
    Microsoft Visio 2002 Service Pack 2 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=FC1D0483-27E8-4541-B81D-4A47973BEA30    
    
    Microsoft Visio 2003 Service Pack 2 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=C47F432E-8538-42FD-92C9-7E0F1D643E8E
        
    - 漏洞描述:

    Microsoft Visio處理Visio(.VSD、VSS或.VST)文件中的特制版本號及Visio文
    件格式中的打包對象的方式存在遠程代碼執行漏洞。帳號配置為較少權限的用戶
    比以管理員權限運行的用戶所受影響要低,必須要求用戶交互才能利用這些漏洞。
    
    風險級別和漏洞標識
______________________________________________________________________
|受影響軟件   |Visio版本內存破壞漏洞 |Visio文檔封裝漏洞 |所有漏洞總體|
|             |CVE-2007-0934         |CVE-2007-0936     |風險級別    |
|_____________|______________________|__________________|____________|
|Microsoft    |                      |                  |            |
|Visio 2002   |重要                  | 重要             |  重要      |
|             |遠程執行代碼          | 遠程執行代碼     |            |
|_____________|______________________|__________________|____________|
|Microsoft    |                      |                  |            |
|Visio 2003   |重要                  | 重要             |  重要      |
|             |遠程執行代碼          | 遠程執行代碼     |            |
|_____________|______________________|__________________|____________|

    
    - 臨時解決方案:

    * 使用Microsoft Visio Viewer 2003或Microsoft Visio Viewer 2007打開和查
    看文件。
    * 不要打開或保存從不受信任來源或從受信任來源意外收到的Microsoft Visio文件。
                  
    - 廠商補丁:                

    微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶的
    "Windows update"功能下載最新補丁。
    
    您也可以通過微軟的安全公告選擇并安裝針對您所用系統的安全補丁:
    http://www.microsoft.com/china/technet/security/bulletin/MS07-030.mspx
    
2. MS07-031 - Windows Schannel安全軟件包中的漏洞可能允許遠程執行代碼(935840)

    - 受影響系統:
    
    Microsoft Windows 2000 Service Pack 4 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=5b8e728c-cb9f-4176-93a0-bf42d6387f93
    
    Windows XP Service Pack 2 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=8615e6f3-415b-4c23-ba52-7eef70a11d77
    
    Windows XP Professional x64 Edition和Windows XP Professional x64 Edition
    Service Pack 2 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=7e994340-c616-4f66-845b-7eaf095e968a

    Microsoft Windows Server 2003 Service Pack 1和Microsoft Windows Server
    2003 Service Pack 2 — 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=39e6c6d2-7e6f-4992-a731-36f44fe2d87f

    Microsoft Windows Server 2003 x64 Edition Service Pack 1和Microsoft Windows
    Server 2003 x64 Edition Service Pack 2 — 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=da424772-079c-4351-9759-8886e0f1ba79
    
    Microsoft Windows Server 2003 with SP1 for Itanium-based Systems和Microsoft
    Windows Server 2003 with SP2 for Itanium-based Systems — 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=028592ff-2b69-472e-b186-bd2cc76bdfa4

    - 漏洞描述:

    Schannel安全軟件包實現安全套接字層(SSL)和傳輸層安全(TLS)Internet標
    準認證協議。如果用戶使用Internet Web瀏覽器查看特制網頁或使用利用SSL/TLS
    的應用程序,則此漏洞可能允許遠程執行代碼。但是,利用此漏洞的嘗試最有可
    能導致Internet Web瀏覽器或應用程序退出。重新啟動系統之前,系統不能使用
    SSL或TLS連接到網站或資源。

    風險級別和漏洞標識
__________________________________________________
|受影響軟件       |Windows Schannel |總體風險級別 |
|                 |安全軟件包漏洞   |             |
|                 |CVE-2007-2218    |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows 2000     |中等             | 中等        |
|SP4              |拒絕服務         |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows XP       |緊急             | 緊急        |
|SP2              |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows XP Pro   |緊急             | 緊急        |
|x64版和XP Pro x64|遠程代碼執行     |             |
|版SP2            |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Server   |重要             | 重要        |
|2003 SP1和Windows|拒絕服務         |             |
|Server 2003 SP2  |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Server   |重要             | 重要        |
|2003 x64版和     |拒絕服務         |             |
|Windows Server   |                 |             |
|2003 x64版SP2    |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Server   |重要             | 重要        |
|2003 with SP1    |拒絕服務         |             |
|for Itanium-based|                 |             |
|Systems和Windows |                 |             |
|Server 2003 with |                 |             |
|SP2 for Itanium- |                 |             |
|based Systems    |                 |             |
|_________________|_________________|_____________|            
    
    - 臨時解決方案:
    
    無
    
    - 廠商補丁:                

    微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶
    的"Windows update"功能下載最新補丁。

    您也可以通過微軟的安全公告選擇并安裝針對您所用系統的安全補丁:
    http://www.microsoft.com/china/technet/security/bulletin/MS07-031.mspx
    
3. MS07-032 Windows Vista中的漏洞可能導致信息泄露(931213)

    - 受影響軟件:
  
    Windows Vista — 下載更新:
    http://www.microsoft.com/downloads/details.aspx?displaylang=zh-cn&FamilyID=cdf79d00-6f34-404b-8ad5-a2801ff35443
    
    Windows Vista x64 Edition — 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=89dde3f4-4123-4c97-86d8-00a83462c34b

    - 漏洞描述:

    Windows Vista中存在一個信息泄露漏洞,可能允許非特權用戶訪問本地用戶信息
    存儲,包括注冊表和本地文件系統中包含的管理密碼。該漏洞可能允許本地攻擊
    者訪問用戶帳戶數據,然后使用該數據來嘗試獲得受影響系統的完全訪問權限。

    風險級別和漏洞標識
__________________________________________________
|受影響軟件       |寬松的用戶信息存 |總體風險級別 |
|                 |儲ACL信息泄露漏洞|             |
|                 |CVE-2007-2229    |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Vista    |中等             | 中等        |
|                 |信息泄露         |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Vista    |中等             | 中等        |
|x64版            |信息泄露         |             |
|_________________|_________________|_____________|
  
    - 臨時解決方案:
    
    無
    
    - 廠商補丁:                

    微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶的
    "Windows update"功能下載最新補丁。

    您也可以通過微軟的安全公告選擇并安裝針對您所用系統的安全補丁:
    http://www.microsoft.com/china/technet/security/bulletin/MS07-025.mspx
    
4. MS07-033 - Internet Explorer累計安全更新(933566)
  
    - 受影響軟件:
    
    操作系統:Microsoft Windows 2000 Service Pack 4
    組件:
    Microsoft Internet Explorer 5.01 Service Pack 4 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?displaylang=zh-cn&FamilyID=3B49F1ED-ABE3-4DBD-A91D-973415658F6B
    
    Microsoft Internet Explorer 6 Service Pack 1 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=5C958650-28D2-4DD0-96A8-DBFE79CE3F68
    
    操作系統:Windows XP Service Pack 2
    組件:Microsoft Internet Explorer 6 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=60FB294E-A8E1-405E-A289-2D2723EDF7EE
    
    操作系統:Windows XP Professional x64 Edition和Windows XP Professional
    x64 Edition Service Pack 2
    組件:Microsoft Internet Explorer 6 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=086D6D6E-4703-4C6C-A7AF-B6DAFEEEDE5D
    
    操作系統:Windows Server 2003 Service Pack 1和Windows Server 2003 Service
    Pack 2
    組件:Microsoft Internet Explorer 6 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=7ED19127-5C2D-48E4-A8D1-090DC69FD68B
        
    操作系統:Windows Server 2003 x64 Edition和Windows Server 2003 x64 Edition
    Service Pack 2
    組件:Microsoft Internet Explorer 6 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=1449EB5D-6E4C-4332-8CB6-AB9EE59C9A95
        
    操作系統:Windows Server 2003 with SP1 for Itanium-based Systems和Windows
    Server 2003 with SP2 for Itanium-based Systems
    組件:Microsoft Internet Explorer 6 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=B628A3CC-A70C-478A-A10C-EEE254EE34AB
    
    操作系統:Windows XP Service Pack 2
    組件:Microsoft Internet Explorer 7 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=C2191703-8CBD-4959-9F84-E13F21173926
    
    操作系統:Windows XP Professional x64 Edition和Windows XP Professional
    x64 Edition Service Pack 2
    組件:Microsoft Internet Explorer 7 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=69C526B8-8B07-42BC-9BED-E18DEAE21C8E
    
    操作系統:Windows Server 2003 Service Pack 1和Windows Server 2003 Service
    Pack 2
    組件:Microsoft Internet Explorer 7 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=A074D9C0-1FED-4753-845E-073CFCE99F45
        
    操作系統:Windows Server 2003 x64 Edition和Windows Server 2003 x64 Edition
    Service Pack 2
    組件:Microsoft Internet Explorer 7 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=744ACB43-64DA-48CC-AE69-9386B597EABC
        
    操作系統:Windows Server 2003 with SP1 for Itanium-based Systems和Windows
    Server 2003 with SP2 for Itanium-based Systems
    組件:Microsoft Internet Explorer 7 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=069C1560-B5E5-4DFE-A18D-E0507D406028
    
    操作系統:Windows Vista
    組件:Microsoft Internet Explorer 7 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=9B4D2FA7-D81E-499D-93C7-F64DC53B11B2
        
    操作系統:Windows Vista x64 Edition    
    組件:Microsoft Internet Explorer 7 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=77287386-48EB-4AA9-9537-626A3093AAF7

    - 漏洞描述:

    Internet Explorer中存在多個安全漏洞。如果用戶使用Internet Explorer查看
    了特制網頁,那么其中一個漏洞可能允許遠程執行代碼,一個漏洞可能允許欺騙,
    也可能涉及某特制網頁。在所有遠程執行代碼情形中,帳戶被配置為擁有較少用
    戶權限的用戶比具有管理用戶權限的用戶受到的影響要小。對于欺騙情形來說,
    漏洞利用需要用戶交互。

    風險級別和漏洞標識
________________________________________________________________________________________________________
|受影響軟件|COM對象實例化|CSS標記內存  |語言安裝包   |未初始化     |導航取消頁   |語音控制     |所有漏洞|
|          |內存破壞漏洞 |破壞漏洞     |漏洞         |內存破壞漏洞 |欺騙漏洞     |內存破壞漏洞 |總體風險|
|          |CVE-2007-0218|CVE-2007-1750|CVE-2007-3027|CVE-2007-1751|CVE-2007-1752|CVE-2007-2222|級別    |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |             |             |        |
|IE 5.01和 |             |             |             |             |             |             |        |
|6 SP1     |             |             |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |             |             |        |
|2000 SP4  |緊急         | 無          |緊急         |緊急         | 無          |緊急         | 緊急   |
|上的IE    |遠程執行代碼 |             |遠程執行代碼 |遠程執行代碼 |             |遠程執行代碼 |        |
|5.01 SP4  |             |             |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |             |             |        |
|2000 SP4  |緊急         | 緊急        |緊急         |緊急         | 無          |緊急         | 緊急   |
|上的IE 6  |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |             |遠程執行代碼 |        |
|SP1       |             |             |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |             |             |        |
|IE 6      |             |             |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |             |             |        |
|XP SP2上的|緊急         |緊急         |緊急         |緊急         | 無          |緊急         | 緊急   |
|IE 6      |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |             |遠程執行代碼 |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |             |             |        |
|XP x64版和|緊急         |緊急         |緊急         |緊急         | 無          |緊急         | 緊急   |
|XP x64 SP2|遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |             |遠程執行代碼 |        |
|的IE 6    |             |             |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|Server    |             |             |             |             |             |             |        |
|2003 SP1  |中等         |緊急         |緊急         |中等         | 無          |中等         | 緊急   |
|和Server  |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |             |遠程執行代碼 |        |
|2003 SP2  |             |             |             |             |             |             |        |
|的IE 6    |             |             |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|Server    |             |             |             |             |             |             |        |
|2003 x64  |中等         |緊急         |緊急         |中等         | 無          |中等         | 緊急   |
|和Server  |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |             |遠程執行代碼 |        |
|2003 x64  |             |             |             |             |             |             |        |
|SP2的IE 6 |             |             |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|Server    |             |             |             |             |             |             |        |
|2003 SP1  |中等         |緊急         |緊急         |中等         | 無          |中等         | 緊急   |
|(基于     |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |             |遠程執行代碼 |        |
|Itanium的 |             |             |             |             |             |             |        |
|系統)和   |             |             |             |             |             |             |        |
|Server2003|             |             |             |             |             |             |        |
|SP2(基于  |             |             |             |             |             |             |        |
|Itanium的 |             |             |             |             |             |             |        |
|系統的IE 6|             |             |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |             |             |        |
|IE 7      |             |             |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |             |             |        |
|XP SP2的  |無           |無           |緊急         |緊急         |中等         |緊急         | 緊急   |
|IE 7      |             |             |遠程執行代碼 |遠程執行代碼 |欺騙         |遠程執行代碼 |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |             |             |        |
|XP x64版和|無           |無           |緊急         |緊急         |中等         |緊急         | 緊急   |
|XP x64 SP2|             |             |遠程執行代碼 |遠程執行代碼 |欺騙         |遠程執行代碼 |        |
|的IE 7    |             |             |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|Server    |             |             |             |             |             |             |        |
|2003 SP1  |無           |無           |中等         |中等         |中等         |中等         | 中等   |
|和Server  |             |             |遠程執行代碼 |遠程執行代碼 |欺騙         |遠程執行代碼 |        |
|2003 SP2  |             |             |             |             |             |             |        |
|的IE 7    |             |             |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|Server    |             |             |             |             |             |             |        |
|2003 x64  |無           |無           |中等         |中等         |中等         |中等         | 中等   |
|和Server  |             |             |遠程執行代碼 |遠程執行代碼 |欺騙         |遠程執行代碼 |        |
|2003 x64  |             |             |             |             |             |             |        |
|SP2的IE 7 |             |             |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|Server    |             |             |             |             |             |             |        |
|2003 SP1  |無           |無           |中等         |中等         |中等         |低           | 中等   |
|(基于     |             |             |遠程執行代碼 |遠程執行代碼 |欺騙         |遠程執行代碼 |        |
|Itanium的 |             |             |             |             |             |             |        |
|系統)和   |             |             |             |             |             |             |        |
|Server2003|             |             |             |             |             |             |        |
|SP2(基于  |             |             |             |             |             |             |        |
|Itanium的 |             |             |             |             |             |             |        |
|系統的IE 7|             |             |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |             |             |        |
|Vista中的 |無           |無           |無           |緊急         |中等         |緊急         | 緊急   |
|IE 7      |             |             |             |遠程執行代碼 |欺騙         |遠程執行代碼 |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |             |             |        |
|Vista x64 |無           |無           |無           |緊急         |中等         |緊急         | 緊急   |
|版中的IE 7|             |             |             |遠程執行代碼 |欺騙         |遠程執行代碼 |        |
|__________|_____________|_____________|_____________|_____________|_____________|_____________|________|
              
    - 臨時解決方案:
    
    * 將Internet Explorer配置為在Internet和本地Intranet安全區域中運行ActiveX
    控件之前進行提示    
    * 將Internet 和本地Intranet安全區域設置設為“高”,以便在這些區域中運行
    ActiveX控件和活動腳本之前進行提示
    * 禁止在Internet Explorer中運行COM對象
    * 以純文本格式閱讀電子郵件可幫助保護您免受來自HTML電子郵件攻擊媒介的攻擊
    * 阻止語言包安裝,
      
      Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International]
"W2KLpk"=dword:00000000

      可以通過雙擊此.reg文件將其應用到各個系統。

    - 廠商補丁:                

     微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶
     的"Windows update"功能下載最新補丁。

     您也可以通過微軟的安全公告選擇并安裝針對您所用系統的安全補丁:
     http://www.microsoft.com/china/technet/security/bulletin/MS07-033.mspx
    
5. MS07-034 - Outlook Express和Windows Mail累積安全更新(929123)

    - 受影響軟件:
    
    操作系統:Windows XP Service Pack 2
    組件:Microsoft Outlook Express 6 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?displaylang=zh-cn&FamilyID=27cca556-0872-4803-b610-4c895ceb99aa
    
    操作系統:Windows XP Professional x64 Edition
    組件:Microsoft Outlook Express 6 - 下載更新:
    http://www.microsoft,com/downloads/details.aspx?FamilyId=1ea813bf-bddb-40f0-8960-b9debc8413e7
    
    操作系統:Windows XP Professional x64 Edition Service Pack 2
    組件:Microsoft Outlook Express 6 - 下載更新:
    http://www.microsoft,com/downloads/details.aspx?FamilyId=1ea813bf-bddb-40f0-8960-b9debc8413e7
    
    操作系統:Windows Server 2003 Service Pack 1
    組件:Microsoft Outlook Express 6 - 下載更新:
    http://www.microsoft,com/downloads/details.aspx?FamilyId=93808a74-035c-4ab7-9283-c693d7bd82be

    操作系統:Windows Server 2003 Service Pack 2
    組件:Microsoft Outlook Express 6 - 下載更新:
    http://www.microsoft,com/downloads/details.aspx?FamilyId=93808a74-035c-4ab7-9283-c693d7bd82be
            
    操作系統:Windows Server 2003 x64 Edition
    組件:Microsoft Outlook Express 6 - 下載更新:
    http://www.microsoft,com/downloads/details.aspx?FamilyId=f63323a9-e285-45e5-84bd-71ae9da126e3
            
    操作系統:Windows Server 2003 x64 Edition Service Pack 2
    組件:Microsoft Outlook Express 6 - 下載更新:
    http://www.microsoft,com/downloads/details.aspx?FamilyId=f63323a9-e285-45e5-84bd-71ae9da126e3
            
    操作系統:Windows Server 2003 with SP1 for Itanium-based Systems
    組件:Microsoft Outlook Express 6 - 下載更新:
    http://www.microsoft,com/downloads/details.aspx?FamilyId=2e62e96e-6571-437d-a612-99175ac39025

    操作系統:Windows Server 2003 with SP2 for Itanium-based Systems
    組件:Microsoft Outlook Express 6 - 下載更新:
    http://www.microsoft,com/downloads/details.aspx?FamilyId=2e62e96e-6571-437d-a612-99175ac39025
        
    操作系統:Windows Vista
    組件:Windows Mail - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=ee57de19-44ea-48f2-ae28-e76fd2018633
        
    操作系統:Windows Vista x64 Edition    
    組件:Windows Mail - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=343db20f-7794-4423-b11d-885329fbdf78

    - 漏洞描述:

    如果用戶使用Windows Vista中的Windows Mail查看特制的電子郵件,則可能允許
    遠程執行代碼。如果用戶使用Internet Explorer訪問特制網頁,則可能允許信息
    泄露,但該漏洞不能在Outlook Express中直接被利用。 對于信息泄露漏洞,帳
    戶被配置為擁有較少用戶權限的用戶比具有管理用戶權限的用戶受到的影響要小。
    
    風險級別和漏洞標識
_____________________________________________________________________________
|受影響軟件|URL重定向跨域|Windows Mail |URL解析跨域  |內容處置解析 |所有漏洞|
|          |信息泄露漏洞 |UNC導航請求遠|信息泄露漏洞 |跨域信息泄露 |總體風險|
|          |CVE-2006-2111|程代碼執行   |CVE-2007-2225|CVE-2007-2227|級別    |
|          |             |CVE-2007-1658|             |             |        |
|__________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |        |
|Windows XP|             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |        |
|XP SP2上的|重要         |無           |重要         |中等         | 重要   |
|Outlook   |信息泄露     |             |信息泄露     |信息泄露     |        |
|Express 6 |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |        |
|XP x64版和|重要         |無           |重要         |中等         | 重要   |
|XP x64 SP2|信息泄露     |             |信息泄露     |信息泄露     |        |
|上的      |             |             |             |             |        |
|Outlook   |             |             |             |             |        |
|Express 6 |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|________|
|Windows   |             |             |             |             |        |
|Server    |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|________|
|Server    |             |             |             |             |        |
|2003 SP1  |低           |無           |低           |低           | 低     |
|和Server  |信息泄露     |             |信息泄露     |信息泄露     |        |
|2003 SP2  |             |             |             |             |        |
|上的      |             |             |             |             |        |
|Outlook   |             |             |             |             |        |
|Express 6 |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|________|
|Server    |             |             |             |             |        |
|2003 x64  |低           |無           |低           |中等         | 中等   |
|和Server  |信息泄露     |             |信息泄露     |信息泄露     |        |
|2003 x64  |             |             |             |             |        |
|SP2上的   |             |             |             |             |        |
|Outlook   |             |             |             |             |        |
|Express 6 |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|________|
|Server    |             |             |             |             |        |
|2003 SP1  |低           |無           |低           |低           | 低     |
|(基于     |信息泄露     |             |信息泄露     |信息泄露     |        |
|Itanium的 |             |             |             |             |        |
|系統)和   |             |             |             |             |        |
|Server2003|             |             |             |             |        |
|SP2(基于  |             |             |             |             |        |
|Itanium的 |             |             |             |             |        |
|系統上的  |             |             |             |             |        |
|Outlook   |             |             |             |             |        |
|Express 6 |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|________|
|Windows   |             |             |             |             |        |
|Vista     |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|________|
|Vista中的 |             |             |             |             |        |
|Windows   |重要         |緊急         |重要         |中等         | 緊急   |
|Mail      |信息泄露     |遠程代碼執行 |信息泄露     |信息泄露     |        |
|__________|_____________|_____________|_____________|_____________|________|
|          |             |             |             |             |        |
|Vista x64 |重要         |緊急         |重要         |中等         | 緊急   |
|版中的    |信息泄露     |遠程代碼執行 |信息泄露     |信息泄露     |        |
|Windows   |             |             |             |             |        |
|Mail      |             |             |             |             |        |
|__________|_____________|_____________|_____________|_____________|________|

    - 臨時解決方案:

    * 禁用MHTML協議處理程序。
    
    要禁用協議處理程序,請按照下列步驟執行操作:
    
    1. 單擊“開始”,然后單擊“運行 ”。在文本框中輸入regedit.exe,然后單擊“確定”。
    2. 導航到HKEY_CLASSES_ROOT\CLSID\{05300401-BCBC-11d0-85E3-00C04FD85AB4}。
    3. 右鍵單擊{05300401-BCBC-11d0-85E3-00C04FD85AB4},然后選擇“權限”。
    4. 單擊“高級”。
    5. 取消選中“允許將來自父級的可繼承權限傳播給該對象
    6. 單擊“刪除”,然后單擊“確定”。 在后續屏幕上單擊“是”和“確定”。
    
    * 將Internet Explorer配置為在Internet和本地Intranet安全區域中運行活動腳
    本或禁用活動腳本之前進行提示。
    * 以純文本格式閱讀電子郵件可幫助防范來自HTML電子郵件攻擊媒介的攻擊。
    * 將Internet和本地Intranet安全區域設置設為“高”,以便在這些區域中運行活
    動腳本之前進行提示。
    
    - 廠商補丁:                

    微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶
    的"Windows update"功能下載最新補丁。

    http://www.microsoft.com/china/technet/security/bulletin/MS07-034.mspx
    
6. Win 32 API中的漏洞可能允許遠程代碼執行(935839)

    - 受影響軟件:
  
    Microsoft Windows 2000 Service Pack 4 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=3918ac76-ebb6-4886-9a9e-808eafb96b1b
    
    Windows XP Service Pack 2 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?displaylang=zh-cn&FamilyID=27c7f1b9-2d1d-40cb-ad7e-bfedb6156a9c
    
    Windows XP Professional x64 Edition和Windows XP Professional x64 Edition
    Service Pack 2 - 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=0ba12191-1e6f-443b-9150-7ab8b2deb7c2

    Microsoft Windows Server 2003 Service Pack 1和Microsoft Windows Server
    2003 Service Pack 2 — 下載更新:
    http://www.microsoft.com/downloads/details.aspx?displaylang=zh-cn&FamilyID=d554dff4-bcfb-4bbc-8fa0-af2f939d2610

    Microsoft Windows Server 2003 x64 Edition Service Pack 1和Microsoft Windows
    Server 2003 x64 Edition Service Pack 2 — 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=170473d8-6bb1-4fbd-8494-a059dbfdf182
    
    Microsoft Windows Server 2003 with SP1 for Itanium-based Systems和Microsoft
    Windows Server 2003 with SP2 for Itanium-based Systems — 下載更新:
    http://www.microsoft.com/downloads/details.aspx?FamilyId=f5e45e3c-4cac-41a5-99f7-42c2c2c73e99

    - 漏洞描述:

    這個緊急安全更新修復了Win32 API中秘密報告的漏洞,如果特制的應用程序本地
    使用了受影響的API的話,該漏洞可能允許遠程代碼執行或權限提升。因此,使用
    Win32這個組件的應用程序可能被用作漏洞的攻擊載體。例如,Internet Explorer
    在解析特制的網頁時使用這個Win32 API函數。

    風險級別和漏洞標識
__________________________________________________
|受影響軟件       |Win32 API漏洞 –  |總體風險級別 |
|                 |CVE-2007-2219    |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows 2000     |緊急             | 緊急        |
|SP4              |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows XP       |緊急             | 緊急        |
|SP2              |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows XP Pro   |緊急             | 緊急        |
|x64版和XP Pro x64|遠程代碼執行     |             |
|版SP2            |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Server   |緊急             | 緊急        |
|2003 SP1和Windows|遠程代碼執行     |             |
|Server 2003 SP2  |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Server   |緊急             | 緊急        |
|2003 x64版和     |遠程代碼執行     |             |
|Windows Server   |                 |             |
|2003 x64版SP2    |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Server   |緊急             | 緊急        |
|2003 with SP1    |遠程代碼執行     |             |
|for Itanium-based|                 |             |
|Systems和Windows |                 |             |
|Server 2003 with |                 |             |
|SP2 for Itanium- |                 |             |
|based Systems    |                 |             |
|_________________|_________________|_____________|            
  
    - 臨時解決方案:
    
    * 以純文本格式閱讀郵件消息以防范HTML郵件攻擊。
    
    - 廠商補丁:                

    微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶的
    "Windows update"功能下載最新補丁。

    您也可以通過微軟的安全公告選擇并安裝針對您所用系統的安全補丁:
    http://www.microsoft.com/china/technet/security/bulletin/MS07-035.mspx

附加信息:
==========
1. http://www.microsoft.com/china/technet/security/bulletin/MS07-030.mspx
2. http://www.microsoft.com/china/technet/security/bulletin/MS07-031.mspx
3. http://www.microsoft.com/china/technet/security/bulletin/MS07-032.mspx
4. http://www.microsoft.com/china/technet/security/bulletin/MS07-033.mspx
5. http://www.microsoft.com/china/technet/security/bulletin/MS07-034.mspx
6. http://www.zerodayinitiative.com/advisories/ZDI-07-037.html
7. http://www.zerodayinitiative.com/advisories/ZDI-07-038.html
8. http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=542
9. http://secunia.com/advisories/25619/
10. http://secunia.com/advisories/25620/
11. http://secunia.com/advisories/25623/
12. http://secunia.com/advisories/25627/
13. http://secunia.com/advisories/25639/
14. http://secunia.com/advisories/25640/
15. http://marc.info/?l=bugtraq&m=118167832705224&w=2

聲 明
==========

本安全公告僅用來描述可能存在的安全問題,綠盟科技不為此安全公告提供任何保證或承諾。由于傳播、利用此安全公告所提供的信息而造成的任何直接或者間接的后果及損失,均由使用者本人負責,綠盟科技以及安全公告作者不為此承擔任何責任。綠盟科技擁有對此安全公告的修改和解釋權。如欲轉載或傳播此安全公告,必須保證此安全公告的完整性,包括版權聲明等全部內容。未經綠盟科技允許,不得任意修改或者增減此安全公告內容,不得以任何方式將其用于商業目的。

關于綠盟科技
============

綠盟科技(NSFOCUS Co., Ltd.)是中國網絡安全領域的領導企業,致力于網絡和系統安全問題的研究、高端網絡安全產品的研發、銷售與網絡安全服務,在入侵檢測/保護、遠程評估、 DDoS攻擊防護等方面提供具有國際競爭能力的先進產品,是國內最具安全服務經驗的專業公司。有關綠盟科技的詳情請參見: http://www.nsfocus.com

© 2019 綠盟科技
重庆时时彩计划准不准 闲来广东麻将下载安装 369电玩城游戏下载 广东快乐10分前组技巧 时时彩分析软件 快乐赛车pk10直播 扑克21玩法 腾讯棋牌手游 写赚钱的小说 时时彩一星定胆 时时彩提前2分钟开奖器 快乐十分猜大数中奖规则 重庆欢乐生肖是怎么玩的