Internet Explorer 最新 0day 波及了微軟全線系統,目前暫時沒有修補檔。微軟於近日發佈了一份安全通報,指導您如何暫時避免此漏洞。由於漏洞出在「OLEDB32.dll」這個檔案上。所以我們的目的就是隔離這個檔案。對此,微軟連出了4種殺手鐧。
第一式:SACL 法
[Unicode]
Unicode=yes
[Version]
signature="$CHICAGO$"
Revision=1
[File Security]
"%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll",2,"S:(ML;;NWNRNX;;;ME)"
將以上內容儲存為「BlockAccess_x86.inf」,然後在命令提示字元裡執行「SecEdit/configure/db BlockAccess.sdb/cfg "inf file"」,其中"inf file"整個字串為 inf 檔案路徑。如果成功會看到「The task has completed successfully.」的提示,或查看「%windir%\Security\Logs\」目錄下的「Scesrv.log」記錄檔。
第二式:禁用 Row Position 功能法
「HKEY_CLASSES_ROOT\CLSID\{2048EEE6-7FA2-11D0-9E6A-00A0C9138C29}」,打開註冊表編輯器,將此鍵值刪除即可。
第三式:取消 DLL 註冊法
在命令提示符中輸入「Regsvr32.exe/u "Program Files\Common Files\System\Ole DB\oledb32.dll"」即可。
第四式:權限設定法
在命令提示字元中輸入「cacls "Program Files\Common Files\System\Ole DB\oledb32.dll"/E/P everyone:N」。
Vista 系統則需要輸入3個命令:
「takeown/f "Program Files\Common Files\System\Ole DB\oledb32.dll"」;
「icacls "Program Files\Common Files\System\Ole DB\oledb32.dll"/save %TEMP%\oledb32.32.dll.TXT」;
「icacls "Program Files\Common Files\System\Ole DB\oledb32.dll"/deny everyone:(F) 」。
其中第一式影響最小,僅會影響 IE 對此 DLL 的啟用。
附此漏洞影響的系統、軟體列表:
* Windows Internet Explorer 7
* Windows Internet Explorer 7 for Windows XP
* Windows Internet Explorer 7 for Windows Server 2003
* Windows Internet Explorer 7 for Windows Server 2003 IA64
* Windows Internet Explorer 7 in Windows Vista
* Windows Internet Explorer 8 Beta
* Microsoft Internet Explorer 6.0 Service Pack 2
* Microsoft Internet Explorer 6.0 Service Pack 1
* Microsoft Internet Explorer 6.0
* Microsoft Internet Explorer 5.01 Service Pack 4
* Windows Server 2008 Datacenter without Hyper-V
* Windows Server 2008 Enterprise without Hyper-V
* Windows Server 2008 for Itanium-Based Systems
* Windows Server 2008 Standard without Hyper-V
* Windows Server 2008 Datacenter
* Windows Server 2008 Enterprise
* Windows Server 2008 Standard
* Windows Web Server 2008
* Windows Vista Service Pack 1, when used with:
o Windows Vista Business
o Windows Vista Enterprise
o Windows Vista Home Basic
o Windows Vista Home Premium
o Windows Vista Starter
o Windows Vista Ultimate
o Windows Vista Enterprise 64-bit Edition
o Windows Vista Home Basic 64-bit Edition
o Windows Vista Home Premium 64-bit Edition
o Windows Vista Ultimate 64-bit Edition
o Windows Vista Business 64-bit Edition
* Microsoft Windows Server 2003 Service Pack 1, when used with:
o Microsoft Windows Server 2003, Standard Edition (32-bit x86)
o Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
o Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
o Microsoft Windows Server 2003, Web Edition
o Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
o Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
* Microsoft Windows Server 2003, Datacenter x64 Edition
* Microsoft Windows Server 2003, Enterprise x64 Edition
* Microsoft Windows Server 2003, Standard x64 Edition
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows Server 2003 Service Pack 2, when used with:
o Microsoft Windows Server 2003, Standard Edition (32-bit x86)
o Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
o Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
o Microsoft Windows Server 2003, Web Edition
o Microsoft Windows Server 2003, Datacenter x64 Edition
o Microsoft Windows Server 2003, Enterprise x64 Edition
o Microsoft Windows Server 2003, Standard x64 Edition
o Microsoft Windows XP Professional x64 Edition
o Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
o Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
* Microsoft Windows XP Service Pack 2, when used with:
o Microsoft Windows XP Home Edition
o Microsoft Windows XP Professional
* Microsoft Windows XP Service Pack 3, when used with:
o Microsoft Windows XP Home Edition
o Microsoft Windows XP Professional
對於非 x86 系統請參考微軟安全通報自行操作。
微軟安全通報:http://support.microsoft.com/kb/961051/en-us/
Microsoft 安全通報:4 種方法暫時防禦 IE 最新 0day
隨機文章
訂閱:
張貼留言 (Atom)
0 意見:
張貼留言