CVE-2017-11780: Windows SMB安全漏洞预警 | 申博官网
登录
  • 欢迎进入申博官网!
  • 如果您觉得申博官网对你有帮助,那么赶紧使用Ctrl+D 收藏申博官网并分享出去吧
  • 这里是申博官方网!
  • 申博官网是菲律宾sunbet官网品牌平台!
  • 申博开户专业品牌平台!

CVE-2017-11780: Windows SMB安全漏洞预警

CVE-2017-11780: Windows SMB安全漏洞预警

Windows体系平安更新

2017年10月10日,微软宣布了2017年10月平安更新关照布告,修补了多个高危破绽,依据关照布告形貌受影响的体系从Windows Server 2008到Windows 10都包罗:
Windows 10 1703
Windows 10 1607
Windows Server 2016
Windows 10 1511
Windows 10 RTM
Windows 8.1
Windows Server 2012 R2
Windows Server 2012
Windows 7
Windows Server 2008 R2
Windows Server 2008

软件更新择要:
https://portal.msrc.microsoft.com/zh-cn/security-guidance/summary

同时也包罗客户端平安更新,特别是曾经有在应用的Office破绽:
Internet Explorer
Microsoft Edge
Office
SharePoint

破绽可应用状态

依据关照布告,CVE-2017-11780的Windows SMB(SMBv1)近程代码实行破绽进击胜利率很高,应用代码一旦公然能够会有歹意进击者用来制作蠕虫流传;在局域网情况中CVE-2017-11771的Windows Search近程代码实行破绽也是经由过程SMB衔接近程触发,进击胜利后便可掌握目的计算机;同时CVE-2017-11779的Windows DNSAPI近程实行代码破绽,也能够遭到进击者竖立的一台歹意DNS效劳器的子虚响应而被进击;而CVE-2017-11826的Microsoft Office内存破坏破绽应用样本曾经涌现在进击行为中,发起尽快装置平安更新补钉和接纳响应的减缓步伐珍爱体系平安运转。

影响版本局限

个中CVE-2017-11780的Windows SMB(SMBv1)近程代码实行破绽影响以下体系版本:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
微软更新指南:

https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/CVE-2017-11780

个中CVE-2017-11771的Windows Search近程代码实行破绽影响以下体系版本:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
微软更新指南:
https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/CVE-2017-11771

个中CVE-2017-11779的Windows DNSAPI近程实行代码破绽影响以下体系版本:
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1511 for 32-bit Systems
Windows 10 Version 1511 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1703 for 32-bit Systems
Windows 10 Version 1703 for x64-based Systems
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
微软更新指南:
https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/CVE-2017-11779

个中CVE-2017-11826的Microsoft Office内存破坏破绽影响以下Office版本:
Microsoft Office Compatibility Pack Service Pack 3    
Microsoft Office Online Server 2016    
Microsoft Office Web Apps Server 2010 Service Pack 2    
Microsoft Office Web Apps Server 2013 Service Pack 1    
Microsoft Office Word Viewer    
Microsoft SharePoint Enterprise Server 2016    
Microsoft Word 2007 Service Pack 3    
Microsoft Word 2010 Service Pack 2 (32-bit editions)    
Microsoft Word 2010 Service Pack 2 (64-bit editions)    
Microsoft Word 2013 RT Service Pack 1    
Microsoft Word 2013 Service Pack 1 (32-bit editions)    
Microsoft Word 2013 Service Pack 1 (64-bit editions)    
Microsoft Word 2016 (32-bit edition)    
Microsoft Word 2016 (64-bit edition)    
Word Automation Services(Microsoft SharePoint Server 2013 Service Pack 1)
Word Automation Services(Microsoft SharePoint Server 2010 Service Pack 2)
微软更新指南:
https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/CVE-2017-11826

———————————————-

申博|网络安全巴士站【www.bus123.net】

申博|网络安全巴士站是一个专注于网络安全、系统安全、互联网安全、信息安全,全新视界的互联网安全新媒体。。

———————————————-

减缓步伐(平安应急发起等)

紧要:现在进击代码曾经涌现强烈发起尽快装置平安更新补钉

优先步伐:个人电脑开启防火墙阻拦内部接见本机TCP445端口,效劳器开启平安策略限定指定IP接见本机TCP445端口。

补钉更新:能够经由过程体系自带的更新功用打补钉,也能够零丁装置详细的补钉,对应版本参考以下微软更新指南:
https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/CVE-2017-11780 
https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/CVE-2017-11771 
https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/CVE-2017-11779 
https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/CVE-2017-11826 
找到对应的体系版本,点击“Security Update”便可下载零丁的补钉。

平安设置装备摆设:若是某些特别情况下的体系不方便打补钉,能够参考以下平安设置装备摆设停止变通处理。
针对CVE-2017-11780的Windows SMB(SMBv1)近程代码实行破绽,能够参考如安在 Windows 和 Windows Server 中启用和禁用SMBv1、SMBv2和SMBv3的指南:
https://support.microsoft.com/zh-cn/help/2696547/how-to-detect-enable-and-disable-smbv1-smbv2-and-smbv3-in-windows-and 
CVE-2017-11771的Windows Search近程代码实行破绽,能够参考禁用WSearch效劳的要领:
https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/CVE-2017-11771 

平安应急发起:Windows SMB的破绽在历史上涌现过严峻蠕虫流传进击,强烈发起尽快更新平安补钉和继承存眷平安要挟静态。

上一篇 : 爱尔兰最大超市团体收集体系遭黑客进击

下一篇 : 澳大利亚称黑客用“中国菜刀”入侵国防分包商偷取F-35战斗机数据

您能够感兴致的资讯
CVE-2017-11780: Windows SMB安全漏洞预警

中远海运美国公司遭受讹诈软件沾染

CVE-2017-11780: Windows SMB安全漏洞预警

兵工巨子BAE Systems构建“环球情报网”

CVE-2017-11780: Windows SMB安全漏洞预警

纽约市9家B&BHG餐厅POS体系沾染,致主顾领取卡数据泄漏

CVE-2017-11780: Windows SMB安全漏洞预警

印度行将履行收集中立法,一切用户一致享用互联网

CVE-2017-11780: Windows SMB安全漏洞预警

CNCERT 2018年中国收集平安年会征文关照

CVE-2017-11780: Windows SMB安全漏洞预警

​《2018年夏日互联网生长状态平安申报:Web进击》:旅店效劳行业面对僵尸收集的围攻

———————————————-

申博|网络安全巴士站【www.bus123.net】

申博|网络安全巴士站是一个专注于网络安全、系统安全、互联网安全、信息安全,全新视界的互联网安全新媒体。。


申博|网络安全巴士站声明:该文看法仅代表作者自己,与本平台无关。版权所有丨如未注明 , 均为原创丨本网站采用BY-NC-SA协议进行授权
转载请注明CVE-2017-11780: Windows SMB安全漏洞预警
喜欢 (0)
[]
分享 (0)
发表我的评论
取消评论
表情 贴图 加粗 删除线 居中 斜体 签到

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址