威尼斯432888cam(中国集团)有限公司-企业百科


打开微信“扫一扫”,开启安全数字世界之旅
截图或长按保存至相册,使用微信扫一扫
首页 > 安全通告

安全通告

高危!Microsoft MSHTML远程代码执行漏洞(CVE-2021-40444)安全风险通告
发布时间 :2021年09月08日
分享:

漏洞描述

2021年9月8日,威尼斯432888camCERT监测到微软官方针对Microsoft MSHTML组件中存在的远程代码执行漏洞(CVE-2021-40444)发布紧急通告。利用此漏洞,远程攻击者可诱使受害者打开其制作的带有ActiveX控件的恶意Microsoft Office文档,当漏洞成功触发时,攻击者可在受害者的机器上以该用户权限执行任意代码。漏洞定级为高危漏洞。


目前微软官方尚未发布此漏洞的修复补丁,鉴于该漏洞已有在野利用,威尼斯432888camCERT建议及时做好自查和防御措施,以阻止该漏洞攻击。


漏洞编号

CVE-2021-40444


漏洞类型

高危,远程代码执行,CVSS:8.8


修复建议

官方临时修补方案:

在Internet Explorer中禁用ActiveX控件以缓解漏洞攻击(使用此方法,以前安装的ActiveX控件将继续运行,但漏洞不会被触发):


1.创建.reg文件扩展名结尾的文件,并保存如下内容:

Windows Registry Editor Version 5.00


[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]

"1001"=dword:00000003

"1004"=dword:00000003


[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]

"1001"=dword:00000003

"1004"=dword:00000003


[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]

"1001"=dword:00000003

"1004"=dword:00000003


2.双击该文件,将其应用到策略配置。

3.重启系统。


注意

如果注册表编辑器不当使用可能会存在严重问题,如需重装系统等,建议使用上述的解决方案进行修补,如有必要请事先做好备份。

 

参考链接

Windows 7 for x64-based Systems Service Pack 1

Windows 7 for 32-bit Systems Service Pack 1

Windows Server 2012 R2 (Server Core installation)

Windows Server 2012 R2

Windows Server 2012 (Server Core installation)

Windows Server 2012

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows RT 8.1

Windows 8.1 for x64-based systems

Windows 8.1 for 32-bit systems

Windows Server 2016  (Server Core installation)

Windows Server 2016

Windows 10 Version 1607 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 for 32-bit Systems

Windows Server, version 20H2 (Server Core Installation)

Windows 10 Version 20H2 for ARM64-based Systems

Windows 10 Version 20H2 for 32-bit Systems

Windows 10 Version 20H2 for x64-based Systems

Windows Server, version 2004 (Server Core installation)

Windows 10 Version 2004 for x64-based Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for 32-bit Systems

Windows Server 2022 (Server Core installation)

Windows Server 2022

Windows 10 Version 21H1 for 32-bit Systems

Windows 10 Version 21H1 for ARM64-based Systems

Windows 10 Version 21H1 for x64-based Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows Server 2019  (Server Core installation)

Windows Server 2019

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems


参考链接

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444


分享到微信
X