首頁 -> 安全研究

安全研究

緊急通告
綠盟科技緊急通告(Alert2007-09)

NSFOCUS安全小組([email protected])
http://www.nsfocus.com

微軟發布8月份安全公告 修復多個嚴重安全漏洞

發布日期:2007-08-15


綜述:
======
微軟發布了8月份的9篇安全公告,這些公告描述并修復了14個安全漏洞,其中8個漏洞屬于“緊急”風險級別。攻擊者利用這些漏洞可能遠程入侵并完全控制客戶端系統。

我們強烈建議使用Windows操作系統的用戶立刻檢查一下您的系統是否受此漏洞影響,并按照我們提供的解決方法予以解決。

分析:
======
微軟發布了8月份的9篇最新的安全公告:MS07-042到MS07-050。這些安全公告分別描述了14個安全問題,分別是有關各版本的Microsoft Windows、IE、Excel和Virtual PC/Virtual Server等產品和服務中的漏洞。

1. MS07-042 Microsoft XML Core服務中的漏洞可能允許遠程執行代碼(936227)

    - 受影響軟件:
    
    操作系統:Microsoft Windows 2000 Service Pack 4
    組件:
    Microsoft XML Core Services 3.0
    Microsoft XML Core Services 4.0
    Microsoft XML Core Services 6.0
    
    操作系統:Windows XP Service Pack 2
    組件:
    Microsoft XML Core Services 3.0
    Microsoft XML Core Services 4.0
    Microsoft XML Core Services 6.0

    操作系統:Windows XP Professional x64 Edition和Windows XP Professional
    x64 Edition Service Pack 2
    組件:
    Microsoft XML Core Services 3.0
    Microsoft XML Core Services 4.0
    Microsoft XML Core Services 6.0
    
    操作系統:Windows Server 2003 Service Pack 1和Service Pack 2
    組件:
    Microsoft XML Core Services 3.0
    Microsoft XML Core Services 4.0
    Microsoft XML Core Services 6.0
    
    操作系統:Windows Server 2003 x64 Edition和Windows Server 2003 x64 Edition
    Service Pack 2
    組件:
    Microsoft XML Core Services 3.0
    Microsoft XML Core Services 4.0
    Microsoft XML Core Services 6.0
        
    操作系統:Windows Server 2003 with SP1 for Itanium-based Systems和Windows
    Server 2003 with SP2 for Itanium-based Systems
    組件:
    Microsoft XML Core Services 3.0
    Microsoft XML Core Services 4.0
    Microsoft XML Core Services 6.0
    
    操作系統:Windows Vista
    組件:
    Microsoft XML Core Services 3.0
    Microsoft XML Core Services 4.0
    Microsoft XML Core Services 6.0    

    Office軟件:Microsoft Office 2003 Service Pack 2、2007 Microsoft Office System、
    Microsoft Office SharePoint Server和Microsoft Office Groove Server 2007
    組件:
    Microsoft XML Core Services 5.0
                        
    - 漏洞描述:

    特制的腳本請求可能導致在使用Microsoft XML Core服務時出現內存破壞。成功
    利用這個漏洞的攻擊者可以以登錄用戶的權限對系統進行更改,如果用戶以管理
    權限登錄的話,攻擊者就可以完全控制受影響的系統。
    
    風險級別和漏洞標識
__________________________________________________
|受影響軟件       |Microsoft XML    |總體風險級別 |
|                 |Core服務漏洞     |             |
|                 |CVE-2007-2223    |             |
|_________________|_________________|_____________|
|Windows 2000     |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|2000 SP4上的     |緊急             | 緊急        |
|XML Core Services|遠程代碼執行     |             |
|3.0、4.0、6.0    |                 |             |
|_________________|_________________|_____________|
|Windows XP       |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|XP SP2、XP Pro   |緊急             | 緊急        |
|x64版、XP Pro x64|遠程代碼執行     |             |
|版SP2上的XML Core|                 |             |
|Services 3.0、   |                 |             |
|4.0、6.0         |                 |             |
|_________________|_________________|_____________|
|Server 2003      |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|2003 SP1、2003   |中等             | 中等        |
|SP2、2003 x64版、|遠程代碼執行     |             |
|2003 x64版SP2、  |                 |             |
|基于Itanium系統的|                 |             |
|2003 SP1和SP2上的|                 |             |
|XML Core Services|                 |             |
|3.0、4.0、6.0    |                 |             |
|_________________|_________________|_____________|
|Windows Vista    |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Vista、Vista     |緊急             | 緊急        |
|x64版上的XML     |遠程代碼執行     |             |
|Core Services    |                 |             |
|3.0、4.0、6.0    |                 |             |
|_________________|_________________|_____________|
|Office套件       |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|安裝了XML Core   |緊急             | 緊急        |
|Services 5.0、6.0|遠程代碼執行     |             |
|的Office 2003    |                 |             |
|System、Office   |                 |             |
|SharePoint Server|                 |             |
|和Office Groove  |                 |             |
|Server 2007      |                 |             |
|_________________|_________________|_____________|
  
    - 臨時解決方案:

    * 將Internet Explorer配置為在Internet和本地Intranet安全區域中運行ActiveX
    控件之前進行提示    
    * 將Internet 和本地Intranet安全區域設置設為“高”,以便在這些區域中運行
    ActiveX控件和活動腳本之前進行提示
                  
    - 廠商補丁:                

    微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶的
    "Windows update"功能下載最新補丁。
    
    您也可以通過微軟的安全公告選擇并安裝針對您所用系統的安全補丁:
    http://www.microsoft.com/china/technet/security/bulletin/MS07-042.mspx
    
2. MS07-043 - OLE自動化中的漏洞可能允許遠程執行代碼(921503)

    - 受影響系統:
    
    Microsoft Windows 2000 Service Pack 4
    Windows XP Service Pack 2
    Windows XP Professional x64 Edition和Windows XP Professional x64 Edition
    Service Pack 2
    Microsoft Windows Server 2003 Service Pack 1和Microsoft Windows Server
    2003 Service Pack 2
    Microsoft Windows Server 2003 x64 Edition Service Pack 1和Microsoft Windows
    Server 2003 x64 Edition Service Pack 2    
    Microsoft Windows Server 2003 with SP1 for Itanium-based Systems和Microsoft
    Windows Server 2003 with SP2 for Itanium-based Systems
    Microsoft Office 2004 for Mac
    Microsoft Visual Basic 6.0 Service Pack 6

    - 漏洞描述:

    特制的腳本請求可能導致在使用OLE自動化時出現內存破壞。成功利用這個漏洞的
    攻擊者可以以登錄用戶的權限對系統進行更改,如果用戶以管理權限登錄的話,
    攻擊者就可以完全控制受影響的系統。

    風險級別和漏洞標識
__________________________________________________
|受影響軟件       |OLE自動化內存破壞|總體風險級別 |
|                 |漏洞             |             |
|                 |CVE-2007-2224    |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows 2000     |緊急             | 緊急        |
|SP4              |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows XP       |緊急             | 緊急        |
|SP2              |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows XP Pro   |緊急             | 緊急        |
|x64版和XP Pro x64|遠程代碼執行     |             |
|版SP2            |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Server   |中等             | 中等        |
|2003 SP1和Windows|遠程代碼執行     |             |
|Server 2003 SP2  |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Server   |中等             | 中等        |
|2003 x64版和     |遠程代碼執行     |             |
|Windows Server   |                 |             |
|2003 x64版SP2    |                 |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Server   |中等             | 中等        |
|2003 with SP1    |遠程代碼執行     |             |
|for Itanium-based|                 |             |
|Systems和Windows |                 |             |
|Server 2003 with |                 |             |
|SP2 for Itanium- |                 |             |
|based Systems    |                 |             |
|_________________|_________________|_____________|            
|                 |                 |             |
|Microsoft Office |緊急             | 緊急        |
|2004 for Mac     |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Microsoft Visual |緊急             | 緊急        |
|Basic 6.0 SP6    |遠程代碼執行     |             |
|_________________|_________________|_____________|
    
    - 臨時解決方案:
    
    * 將Internet Explorer配置為在Internet和本地Intranet安全區域中運行ActiveX
    控件之前進行提示    
    * 將Internet 和本地Intranet安全區域設置設為“高”,以便在這些區域中運行
    ActiveX控件和活動腳本之前進行提示
    
    - 廠商補丁:                

    微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶
    的"Windows update"功能下載最新補丁。

    您也可以通過微軟的安全公告選擇并安裝針對您所用系統的安全補丁:
    http://www.microsoft.com/china/technet/security/bulletin/MS07-043.mspx
    
3. MS07-044 Microsoft Excel中的漏洞可能導致遠程執行代碼(940965)

    - 受影響軟件:
  
    Microsoft Office 2000 Service Pack 3
    Microsoft Office XP Service Pack 3
    Microsoft Office 2003 Service Pack 2
    Microsoft Office 2004 for Mac

    - 漏洞描述:

    Excel在表示Workspace的索引值時沒有執行充分的驗證,如果用戶受騙打開了惡
    意的Excel文件的話就可能導致執行任意代碼。

    風險級別和漏洞標識
__________________________________________________
|受影響軟件       |Workspace內存破壞|總體風險級別 |
|                 |漏洞             |             |
|                 |CVE-2007-3890    |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Excel 2000 SP3   |緊急             | 緊急        |
|                 |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Excel 2002 SP3   |重要             | 重要        |
|                 |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Excel 2003 SP2   |重要             | 重要        |
|                 |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Excel 2003 Viewer|重要             | 重要        |
|                 |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Office 2004 for  |重要             | 重要        |
|Mac              |遠程代碼執行     |             |
|_________________|_________________|_____________|
    
    - 臨時解決方案:
    
    * 使用Microsoft Office文件阻斷策略禁止打開不可信任來源和位置的Office 2003
    及更早版本文檔:
    
    Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\FileOpenBlock]

"BinaryFiles"=dword:00000001.
    
    - 廠商補丁:                

    微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶的
    "Windows update"功能下載最新補丁。

    您也可以通過微軟的安全公告選擇并安裝針對您所用系統的安全補丁:
    http://www.microsoft.com/china/technet/security/bulletin/MS07-044.mspx
    
4. MS07-045 - Internet Explorer累積安全更新(937143)
  
    - 受影響軟件:
    
    Internet Explorer 5.01
    Internet Explorer 6 Service Pack 1
    Internet Explorer 6
    Internet Explorer 7

    - 漏洞描述:

    Internet Explorer中存在多個安全漏洞。如果用戶使用Internet Explorer查看
    了特制網頁,就可能導致多個內存破壞的情況。帳戶被配置為擁有較少用戶權限
    的用戶比具有管理用戶權限的用戶受到的影響要小。

    風險級別和漏洞標識
______________________________________________________________
|受影響軟件|CSS內存破壞  |ActiveX對象  |ActiveX對象  |所有漏洞|
|          |漏洞         |漏洞         |內存破壞漏洞 |總體風險|
|          |CVE-2007-0943|CVE-2007-2216|CVE-2007-3041|級別    |
|__________|_____________|_____________|_____________|________|
|          |             |             |             |        |
|IE 5.01和 |             |             |             |        |
|6 SP1     |             |             |             |        |
|__________|_____________|_____________|_____________|________|
|          |             |             |             |        |
|2000 SP4  |緊急         |緊急         |緊急         |緊急    |
|上的IE    |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |        |
|5.01 SP4  |             |             |             |        |
|__________|_____________|_____________|_____________|________|
|          |             |             |             |        |
|2000 SP4  |無           |緊急         |緊急         |緊急    |
|上的IE 6  |             |遠程執行代碼 |遠程執行代碼 |        |
|SP1       |             |             |             |        |
|__________|_____________|_____________|_____________|________|
|          |             |             |             |        |
|IE 6      |             |             |             |        |
|__________|_____________|_____________|_____________|________|
|          |             |             |             |        |
|XP SP2上的|無           |緊急         |緊急         |緊急    |
|IE 6      |             |遠程執行代碼 |遠程執行代碼 |        |
|__________|_____________|_____________|_____________|________|
|          |             |             |             |        |
|XP x64版和|無           |緊急         |緊急         |緊急    |
|XP x64 SP2|             |遠程執行代碼 |遠程執行代碼 |        |
|的IE 6    |             |             |             |        |
|__________|_____________|_____________|_____________|________|
|Server    |             |             |             |        |
|2003 SP1  |無           |中等         |中等         |中等    |
|和Server  |             |遠程執行代碼 |遠程執行代碼 |        |
|2003 SP2  |             |             |             |        |
|的IE 6    |             |             |             |        |
|__________|_____________|_____________|_____________|________|
|Server    |             |             |             |        |
|2003 x64  |無           |中等         |中等         |中等    |
|和Server  |             |遠程執行代碼 |遠程執行代碼 |        |
|2003 x64  |             |             |             |        |
|SP2的IE 6 |             |             |             |        |
|__________|_____________|_____________|_____________|________|
|Server    |             |             |             |        |
|2003 SP1  |無           |中等         |中等         |中等    |
|(基于     |             |遠程執行代碼 |遠程執行代碼 |        |
|Itanium的 |             |             |             |        |
|系統)和   |             |             |             |        |
|Server2003|             |             |             |        |
|SP2(基于  |             |             |             |        |
|Itanium的 |             |             |             |        |
|系統的IE 6|             |             |             |        |
|__________|_____________|_____________|_____________|________|
|          |             |             |             |        |
|IE 7      |             |             |             |        |
|__________|_____________|_____________|_____________|________|
|          |             |             |             |        |
|XP SP2的  |無           |重要         |重要         |重要    |
|IE 7      |             |遠程執行代碼 |遠程執行代碼 |        |
|__________|_____________|_____________|_____________|________|
|          |             |             |             |        |
|XP x64版和|無           |重要         |重要         |重要    |
|XP x64 SP2|             |遠程執行代碼 |遠程執行代碼 |        |
|的IE 7    |             |             |             |        |
|__________|_____________|_____________|_____________|________|
|Server    |             |             |             |        |
|2003 SP1  |無           |低           |低           |低      |
|和Server  |             |遠程執行代碼 |遠程執行代碼 |        |
|2003 SP2  |             |             |             |        |
|的IE 7    |             |             |             |        |
|__________|_____________|_____________|_____________|________|
|Server    |             |             |             |        |
|2003 x64  |無           |低           |低           |低      |
|和Server  |             |遠程執行代碼 |遠程執行代碼 |        |
|2003 x64  |             |             |             |        |
|SP2的IE 7 |             |             |             |        |
|__________|_____________|_____________|_____________|________|
|Server    |             |             |             |        |
|2003 SP1  |無           |低           |低           |低      |
|(基于     |             |遠程執行代碼 |遠程執行代碼 |        |
|Itanium的 |             |             |             |        |
|系統)和   |             |             |             |        |
|Server2003|             |             |             |        |
|SP2(基于  |             |             |             |        |
|Itanium的 |             |             |             |        |
|系統的IE 7|             |             |             |        |
|__________|_____________|_____________|_____________|________|
|          |             |             |             |        |
|Vista中的 |無           |重要         |重要         |重要    |
|IE 7      |             |             |             |遠      |
|__________|_____________|_____________|_____________|________|
|          |             |             |             |        |
|Vista x64 |無           |重要         |重要         |重要    |
|版中的IE 7|             |             |             |遠程執  |
|__________|_____________|_____________|_____________|________|
              
    - 臨時解決方案:
    
    * 將Internet Explorer配置為在Internet和本地Intranet安全區域中運行ActiveX
    控件之前進行提示    
    * 將Internet 和本地Intranet安全區域設置設為“高”,以便在這些區域中運行
    ActiveX控件和活動腳本之前進行提示
    * 禁止在Internet Explorer中運行COM對象

    - 廠商補丁:                

     微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶
     的"Windows update"功能下載最新補丁。

     您也可以通過微軟的安全公告選擇并安裝針對您所用系統的安全補丁:
     http://www.microsoft.com/china/technet/security/bulletin/MS07-045.mspx
    
5. MS07-046 - GDI中的漏洞可能導致遠程執行代碼(938829)

    - 受影響軟件:
    
    Microsoft Windows 2000 Service Pack 4
    Windows XP Service Pack 2
    Windows XP Professional x64 Edition
    Microsoft Windows Server 2003 Service Pack 1
    Microsoft Windows Server 2003 x64 Edition
    Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
    
    - 漏洞描述:

    圖形渲染引擎處理特制圖形的方式存在漏洞。如果用戶受騙打開了特制圖形的話,
    就可能觸發這個漏洞,導致執行任意代碼。
    
    風險級別和漏洞標識
__________________________________________________
|受影響軟件       |GDI遠程代碼執行  |總體風險級別 |
|                 |漏洞             |             |
|                 |CVE-2007-3034    |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows 2000     |緊急             | 緊急        |
|SP4              |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows XP       |緊急             | 緊急        |
|SP2              |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows XP Pro   |緊急             | 緊急        |
|x64版            |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Server   |緊急             | 緊急        |
|2003 SP1         |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Server   |緊急             | 緊急        |
|2003 x64版       |遠程代碼執行     |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Windows Server   |緊急             | 緊急        |
|2003 with SP1    |遠程代碼執行     |             |
|for Itanium-based|                 |             |
|Systems          |                 |             |
|_________________|_________________|_____________|
  
    - 臨時解決方案:

    無
    
    - 廠商補丁:                

    微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶
    的"Windows update"功能下載最新補丁。

    http://www.microsoft.com/china/technet/security/bulletin/MS07-046.mspx
    
6. MS07-047 - Windows Media Player中的漏洞可能允許遠程執行代碼(936782)

    - 受影響軟件:
  
    操作系統:Microsoft Windows 2000 Service Pack 4
    組件:
    Windows Media Player 7.1
    Windows Media Player 9
    
    操作系統:Windows XP Service Pack 2
    組件:
    Windows Media Player 9
    Windows Media Player 10
    Windows Media Player 11
    
    操作系統:Windows XP Professional x64 Edition和Windows XP Professional
    x64 Edition Service Pack 2
    組件:
    Windows Media Player 10
    Windows Media Player 11
        
    操作系統:Windows Server 2003 Service Pack 1和Service Pack 2
    組件:
    Windows Media Player 10
    Windows Media Player 11
        
    操作系統:Windows Server 2003 x64 Edition和Windows Server 2003 x64 Edition
    Service Pack 2
    組件:
    Windows Media Player 10
    Windows Media Player 11
        
    操作系統:Windows Vista
    組件:
    Windows Media Player 11

    - 漏洞描述:

    Windows Media Player沒有正確的處理皮膚文件中的頭信息。如果用戶受騙加載
    了惡意的媒體文件的話就可能導致執行任意代碼。

    風險級別和漏洞標識
________________________________________________
|受影響軟件|Media Player |Media Player |所有漏洞|
|          |代碼執行漏洞 |解壓皮膚漏洞 |總體風險|
|          |CVE-2007-3037|CVE-2007-3035|級別    |
|__________|_____________|_____________|________|
|          |             |             |        |
|Media     | 重要        | 重要        | 重要   |
|Player 7.1| 遠程執行代碼| 遠程執行代碼|        |
|__________|_____________|_____________|________|
|          |             |             |        |
|Media     | 重要        | 重要        | 重要   |
|Player 9  | 遠程執行代碼| 遠程執行代碼|        |
|__________|_____________|_____________|________|
|Media     |             |             |        |
|Player 10 | 重要        | 重要        | 重要   |
|          | 遠程執行代碼| 遠程執行代碼|        |
|__________|_____________|_____________|________|
|Media     |             |             |        |
|Player 11 | 重要        | 重要        | 重要   |
|          | 遠程執行代碼|             |        |
|__________|_____________|_____________|________|

    - 臨時解決方案:
    
    * 解除WMZ和WMD文件關聯
    * 注銷Wmp.dll
    
    - 廠商補丁:                

    微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶的
    "Windows update"功能下載最新補丁。

    您也可以通過微軟的安全公告選擇并安裝針對您所用系統的安全補丁:
    http://www.microsoft.com/china/technet/security/bulletin/MS07-047.mspx    

7. MS07-048 - Windows Gadgets中的漏洞可能導致遠程執行代碼(938123)
  
    - 受影響軟件:
    
    Windows Vista
    Windows Vista x64 Edition

    - 漏洞描述:

    Vista中所捆綁的Feed Headlines Gadget和Weather Gadget在解析HTML屬性時沒
    有執行充分的驗證,Contacts Gadget在導入聯系人時也沒有執行充分的驗證。如
    果用戶受騙訪問了惡意網頁或訂閱了惡意的RSS feed的話,就可能觸發這些漏洞,
    導致以登錄用戶的權限執行任意代碼。

    風險級別和漏洞標識
______________________________________________________________
|受影響軟件|Vista Feed   |Vista        |Vista Weather|所有漏洞|
|          |Headlines    |Contacts     |Gadget遠程代 |總體風險|
|          |Gadget遠程代 |Gadget遠程代 |碼執行漏洞   |級別    |
|          |碼執行漏洞   |碼執行漏洞   |             |        |
|          |CVE-2007-3033|CVE-2007-3032|CVE-2007-3891|        |
|__________|_____________|_____________|_____________|________|
|          |             |             |             |        |
|Vista     |重要         |中等         |中等         |重要    |
|          |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |        |
|__________|_____________|_____________|_____________|________|
|          |             |             |             |        |
|Vista x64 |重要         |中等         |中等         |重要    |
|版        |遠程執行代碼 |遠程執行代碼 |遠程執行代碼 |        |
|__________|_____________|_____________|_____________|________|
              
    - 臨時解決方案:
    
    * 禁用或注銷有漏洞的Gadget
    * 在組策略或系統注冊表中禁用側欄
    * 修改gadget.xml的訪問控制列表:
    
    在命令行提示符中輸入cd %ProgramFiles%\Windows Sidebar\Gadgets\Contacts.Gadget\en-US
    然后對Weather Gadget和Contacts Gadget鍵入以下命令:icacls gadget.xml /deny Everyone:(R,RX)

    - 廠商補丁:                

     微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶
     的"Windows update"功能下載最新補丁。

     您也可以通過微軟的安全公告選擇并安裝針對您所用系統的安全補丁:
     http://www.microsoft.com/china/technet/security/bulletin/MS07-048.mspx

8. MS07-049 - Virtual PC和Virtual Server中的漏洞可能導致權限提升(937986)

    - 受影響軟件:
    
    Microsoft Virtual PC 2004
    Microsoft Virtual PC 2004 Service Pack 1
    Microsoft Virtual Server 2005標準版
    Microsoft Virtual Server 2005企業版
    Microsoft Virtual Server 2005 R2標準版
    Microsoft Virtual Server 2005 R2企業版
    Microsoft Virtual PC for Mac V6.1
    Microsoft Virtual PC for Mac V7
    
    - 漏洞描述:

    Microsoft Virtual PC和Microsoft Virtual Server沒有正確的處理與主機操作
    系統通訊組件的交互與初始化。如果攻擊者擁有guest操作系統的管理權限的話,
    就可以在主機或其他guest操作系統上觸發堆溢出,完全控制受影響的系統。
    
    風險級別和漏洞標識
__________________________________________________
|受影響軟件       |Virtual PC和     |總體風險級別 |
|                 |Virtual Server   |             |
|                 |堆溢出漏洞       |             |
|                 |CVE-2007-0948    |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Virtual PC 2004  |重要             | 重要        |
|                 |權限提升         |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Virtual PC 2004  |重要             | 重要        |
|SP1              |權限提升         |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Virtual PC 2005  |重要             | 重要        |
|標準版           |權限提升         |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Virtual PC 2005  |重要             | 重要        |
|企業版           |權限提升         |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Virtual Server   |重要             | 重要        |
|2005 R2標準版    |權限提升         |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Virtual Server   |重要             | 重要        |
|2005 R2企業版    |權限提升         |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Virtual PC for   |重要             | 重要        |
|Mac V6.1         |權限提升         |             |
|_________________|_________________|_____________|
|                 |                 |             |
|Virtual PC for   |重要             | 重要        |
|Mac V7           |權限提升         |             |
|_________________|_________________|_____________|
  
    - 臨時解決方案:

    無
    
    - 廠商補丁:                

    微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶
    的"Windows update"功能下載最新補丁。

    http://www.microsoft.com/china/technet/security/bulletin/MS07-049.mspx

9. MS07-050 - 向量標記語言中的漏洞可能導致遠程執行代碼(938127)
  
    - 受影響軟件:
    
    Internet Explorer 5.01
    Internet Explorer 6 Service Pack 1
    Internet Explorer 6
    Internet Explorer 7

    - 漏洞描述:

    Microsoft Windows在實現VML時,向量圖形鏈接庫中的例程vgx.dll沒有對在Internet
    Explorer中渲染VML的請求的請求執行充分的驗證。如果用戶受騙訪問了惡意網頁
    的話,就可能觸發緩沖區溢出,導致執行任意代碼。

    風險級別和漏洞標識
_________________________
|受影響軟件|VML緩沖區溢出|
|          |漏洞         |
|          |CVE-2007-1749|
|__________|_____________|
|          |             |            
|IE 5.01和 |             |            
|6 SP1     |             |            
|__________|_____________|
|          |             |          
|2000 SP4  |緊急         |
|上的IE    |遠程執行代碼 |
|5.01 SP4  |             |    
|__________|_____________|
|          |             |          
|2000 SP4  |緊急         |
|上的IE 6  |遠程執行代碼 |
|SP1       |             |          
|__________|_____________|
|          |             |            
|IE 6      |             |            
|__________|_____________|
|          |             |            
|XP SP2上的|緊急         |
|IE 6      |遠程執行代碼 |
|__________|_____________|
|          |             |          
|XP x64版和|緊急         |
|XP x64 SP2|遠程執行代碼 |
|的IE 6    |             |          
|__________|_____________|
|Server    |             |        
|2003 SP1  |緊急         |
|和Server  |遠程執行代碼 |
|2003 SP2  |             |          
|的IE 6    |             |          
|__________|_____________|
|Server    |             |            
|2003 x64  |緊急         |
|和Server  |遠程執行代碼 |
|2003 x64  |             |            
|SP2的IE 6 |             |            
|__________|_____________|
|Server    |             |            
|2003 SP1  |緊急         |
|(基于     |遠程執行代碼 |
|Itanium的 |             |          
|系統)和   |             |        
|Server2003|             |          
|SP2(基于  |             |            
|Itanium的 |             |            
|系統的IE 6|             |          
|__________|_____________|
|          |             |          
|IE 7      |             |          
|__________|_____________|
|          |             |        
|XP SP2的  |緊急         |
|IE 7      |遠程執行代碼 |
|__________|_____________|
|          |             |            
|XP x64版和|緊急         |
|XP x64 SP2|遠程執行代碼 |
|的IE 7    |             |            
|__________|_____________|
|Server    |             |            
|2003 SP1  |緊急         |
|和Server  |遠程執行代碼 |
|2003 SP2  |             |          
|的IE 7    |             |            
|__________|_____________|
|Server    |             |            
|2003 x64  |緊急         |
|和Server  |遠程執行代碼 |
|2003 x64  |             |            
|SP2的IE 7 |             |            
|__________|_____________|
|Server    |             |            
|2003 SP1  |緊急         |
|(基于     |遠程執行代碼 |
|Itanium的 |             |            
|系統)和   |             |            
|Server2003|             |            
|SP2(基于  |             |            
|Itanium的 |             |            
|系統的IE 7|             |            
|__________|_____________|
|          |             |          
|Vista中的 |緊急         |
|IE 7      |遠程執行代碼 |
|__________|_____________|
|          |             |          
|Vista x64 |緊急         |
|版中的IE 7|遠程執行代碼 |
|__________|_____________|
              
    - 臨時解決方案:
    
    * 注銷VGX.DLL
    * 將Internet 和本地Intranet安全區域設置設為“高”,以便在這些區域中運行
    ActiveX控件和活動腳本之前進行提示

    - 廠商補丁:                

     微軟已經提供了安全補丁以修復此安全漏洞,我們建議您使用Windows系統自帶
     的"Windows update"功能下載最新補丁。

     您也可以通過微軟的安全公告選擇并安裝針對您所用系統的安全補丁:
     http://www.microsoft.com/china/technet/security/bulletin/MS07-050.mspx

附加信息:
==========
1. http://www.microsoft.com/china/technet/security/bulletin/MS07-042.mspx
2. http://www.microsoft.com/china/technet/security/bulletin/MS07-043.mspx
3. http://www.microsoft.com/china/technet/security/bulletin/MS07-044.mspx
4. http://www.microsoft.com/china/technet/security/bulletin/MS07-045.mspx
5. http://www.microsoft.com/china/technet/security/bulletin/MS07-046.mspx
6. http://www.microsoft.com/china/technet/security/bulletin/MS07-047.mspx
7. http://www.microsoft.com/china/technet/security/bulletin/MS07-048.mspx
8. http://www.microsoft.com/china/technet/security/bulletin/MS07-049.mspx
9. http://www.microsoft.com/china/technet/security/bulletin/MS07-050.mspx
10. http://www.us-cert.gov/cas/techalerts/TA07-226A.html
11. http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=576
12. http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=575
13. http://www.zerodayinitiative.com/advisories/ZDI-07-046.html
14. http://www.zerodayinitiative.com/advisories/ZDI-07-048.html
15. http://www.zerodayinitiative.com/advisories/ZDI-07-047.html
16. http://research.eeye.com/html/advisories/published/AD20070814a.html
17. http://secunia.com/advisories/26409/
18. http://secunia.com/advisories/26444/
19. http://secunia.com/advisories/26439/
20. http://secunia.com/advisories/26433/
21. http://secunia.com/advisories/26423/
22. http://secunia.com/advisories/26419/
23. http://secunia.com/advisories/26145/
24. http://secunia.com/advisories/26449/
25. http://research.eeye.com/html/advisories/published/AD20070814b.html

聲 明
==========

本安全公告僅用來描述可能存在的安全問題,綠盟科技不為此安全公告提供任何保證或承諾。由于傳播、利用此安全公告所提供的信息而造成的任何直接或者間接的后果及損失,均由使用者本人負責,綠盟科技以及安全公告作者不為此承擔任何責任。綠盟科技擁有對此安全公告的修改和解釋權。如欲轉載或傳播此安全公告,必須保證此安全公告的完整性,包括版權聲明等全部內容。未經綠盟科技允許,不得任意修改或者增減此安全公告內容,不得以任何方式將其用于商業目的。

關于綠盟科技
============

綠盟科技(NSFOCUS Co., Ltd.)是中國網絡安全領域的領導企業,致力于網絡和系統安全問題的研究、高端網絡安全產品的研發、銷售與網絡安全服務,在入侵檢測/保護、遠程評估、 DDoS攻擊防護等方面提供具有國際競爭能力的先進產品,是國內最具安全服務經驗的專業公司。有關綠盟科技的詳情請參見: http://www.nsfocus.com

© 2019 綠盟科技
重庆时时彩计划准不准 山东十一选五有没有窍门 组六组三同时买的方案 台湾五分彩计算公式 极速快乐10分 捕鱼大师的工具箱图纸 福建福彩快3开奖 夏季庙会卖什么赚钱 内蒙古快3开奖 打麻将怎么才能赢 江西快3统计图表 未来小本赚钱加盟 求qq麻将胡牌规则大全