Win7之家( www.win7china.com):微软四月安全公告发布:Win7漏洞需立即修补
微软今天发布了四月安全公告,共11个公告,5个危急评级,修正25个系统中已知的安全漏洞。
其中两个更新影响旗舰系统Windows 7和Windows Server 2003 R2,这些漏洞均已经出现攻击代码,需要立即修补,它们是MS10-019、MS10-026、MS10-027(影响Win2000和XP)。详细信息请参看微软相关页面。
微软官方页面:Microsoft Security Bulletin Summary for April 2010
| Bulletin | Most likely attack vector | Max Bulletin Severity | Max Exploit-ability Index | Likely first 30 days impact | Platform mitigations and key notes |
| MS10-027
(WMP) |
Victim browses to a malicious webpage. | Critical | 1 | Likely to see reliable exploit code developed | Windows Vista, Windows Server 2008, and Windows 7 not affected |
| MS10-026 (DirectShow) |
Victim browses to a malicious webpage or opens a malicious AVI movie. | Critical | 1 | Likely to see reliable exploit code developed | Windows 7 codec is not vulnerable. |
| MS10-019 (WinVerifyTrust) |
Victim double-clicks a malicious EXE or allows malicious content to run because content claims to be signed by a trusted publisher. | Critical | 2 | Likely to see effective proof-of-concept code released to downgrade Authenticode checks from v2 down to v1. Authenticode v1 is a weaker algorithm. To reach code execution, attackers will need to find an Authenticode v1 bypass. | Microsoft Update and Windows Update clients not directly vulnerable to this threat. |
| MS10-020
(SMB Client) |
Attacker hosts malicious SMB server within enterprise network. Attacker lures victim to click on a link that causes victim to initiate an SMB connection to the malicious SMB server. | Critical | 2 | Proof-of-concept code already exists for denial-of-service vulnerability. May see unreliable exploit code developed for other client-side SMB vulnerabilities that most often results in denial-of-service. | Egress filtering at most corporations will limit exposure to attacker within enterprise network.
Several issues with differing exploitability. Please see SRD blog for more information. |
| MS10-022
(VBScript) |
Victim browses to a malicious webpage and is tricked into clicking F1 on a VBScript messagebox. | Important | 1 | Public exploit code exists for code execution after a user presses F1. Have not heard reports of real-world attacks yet, despite public exploit code. | Vulnerability not reachable on Windows 7, Windows Server 2008, and Windows Vista by default. Bulletin rated defense-in-depth for those platforms.
Windows Server 2003 not vulnerable by default due to Enhanced Security Configuration. |
| MS10-025 (Windows Media Services) |
If a victim Windows 2000 machine has enabled Windows Media Services, an attacker can send network-based attack over port 1755 (TCP or UDP). | Critical | 1 | Likely to see reliable exploit code developed. | Only Windows 2000 is affected. |
| MS10-021
(Kernel) |
Attacker able to run code locally on a machine exploits a vulnerability to run code at a higher privilege level. | Important | 1 | Likely to see reliable exploit code developed for one or more of these eight vulnerabilities. | SRD blog post explaining the Windows registry link vulnerabilities. |
| MS10-024
(SMTP Service) |
Attacker causes SMTP Service running on 64-bit Windows Server 2003 to crash by initiating a DNS lookup handled by a malicious DNS server. | Important | n/a | No chance for code execution. May see proof-of-concept code that crashes SMTP Service but not for Exchange. | Exchange Server not directly affected by denial-of-service vulnerability because vulnerable versions never shipped as 64-bit application. Security update applies to 32-bit Exchange Server to add additional DNS protections. |
| MS10-028
(Visio) |
Victim opens malicious .VSD file | Important | 1 | Visio exploits not often seen in the wild. Unsure whether we will see exploit released. | Visio not installed by default with most Office installations. |
| MS10-023
(Publisher) |
Victim opens malicious .PUB file | Important | 1 | Publisher exploits not often seen in the wild. Unsure whether we will see exploit released. | |
| MS10-029
(ISATAP) |
Attacker spoofs own source address by encapsulating iPv6 attack packet inside IPv4 wrapper. This may allow attacker to reach IPv6 destination that otherwise would be blocked. | Moderate | n/a | May see proof-of-concept released publicly. |
Windows7之家(www.win7china.com),凝聚你我他
评论列表
查看所有 条评论