Microsoft Windows媒体实时文件压缩远程内存破坏漏洞

 
漏洞起因
设计错误
 
影响系统
Microsoft Windows Media Audio Voice Decoder
Microsoft DirectShow WMA Voice Codec
Microsoft Audio Compression Manager
 
不受影响系统
 
危害
远程攻击者可以利用漏洞以当前特权用户权限执行任意指令。
 
攻击所需条件
攻击者必须构建恶意音频文件,诱使用户打开。
 
漏洞信息
Windows Media Format Runtime是一款用于向使用Windows Media内容的应用程序提供信息和工具。
Microsoft Windows媒体实时处理压缩音频文件中的部分函数存在错误,如果用户打开特殊构建的文件,可导致任意代码执行。如果用户以管理员全新啊登录,攻击者成功个利用此漏洞可控制整个受此漏洞影响的系统。攻击者之后可以安装程序;查看,更改或删除数据,或以系统用户权限建立新帐户。
 
测试方法
 
厂商解决方案
用户可以通过cacls设置对msaud32.acm的拒绝访问来临时解决此漏洞,针对Windows 2000, Windows XP和Windows Server 2003系统:
For 32-bit Windows systems:
Echo y| cacls %WINDIR%\system32\msaud32.acm /E /P everyone:N
For 64-bit Windows systems:
Echo y| cacls %WINDIR%\syswow64\msaud32.acm /E /P everyone:N
在Windows Vista和Windows Server 2008系统下:
For 32-bit Windows:
Takeown.exe /f "%windir%\system32\msaud32.acm"
Icacls.exe "%windir%\system32\msaud32.acm " /save %TEMP%\msaud32_acm.TXT
Icacls.exe "%windir%\system32\msaud32.acm " /deny everyone:(F)
For 64-bit Windows systems:
Takeown.exe /f "%windir%\syswow64\msaud32.acm"
Icacls.exe "%windir%\syswow64\msaud32.acm " /save %TEMP%\ msaud32_acm.TXT
Icacls.exe "%windir%\syswow64\msaud32.acm " /deny everyone:(F)
微软公司已经提供安全补丁,用户可参考如下补丁程序:
Microsoft Windows Media Audio Voice Decoder 0
Microsoft Security Update for 32-bit Windows Media Format Runtime 11 for Windows XP x64 Edition (KB954155)
http://www.microsoft.com/downloads/details.aspx?familyid=a866a490-6d3a -4ecd-acf4-770312ba2fd6
Microsoft Security Update for 32-bit Windows Media Format Runtime 9.5 for Windows Server 2003 x64 Edition (KB9
http://www.microsoft.com/downloads/details.aspx?familyid=13ba4839-7fa9 -4bbb-95f6-3fafb6c49f20
Microsoft Security Update for 32-bit Windows Media Format Runtime 9.5 for Windows XP x64 Edition (KB954155)
http://www.microsoft.com/downloads/details.aspx?familyid=4729de51-8fd8 -46c6-b4ad-9c9f25202684
Microsoft Security Update for 64-bit Windows Media Format Runtime 9.5 for Windows XP x64 Edition and Windows S
http://www.microsoft.com/downloads/details.aspx?familyid=fe0d51b2-345e -4eb7-a036-d8c3f6a683d2
Microsoft Security Update for Windows Media Format Runtime 11 for Windows Server 2008 (KB954155)
http://www.microsoft.com/downloads/details.aspx?familyid=2eaa9857-a147 -4f31-9bf4-b9e2cf4c15c3
Microsoft Security Update for Windows Media Format Runtime 11 for Windows Server 2008 x64 Edition (KB954155)
http://www.microsoft.com/downloads/details.aspx?familyid=70aabba3-53d6 -4b52-be83-6d3f3869ecbd
Microsoft Security Update for Windows Media Format Runtime 11 for Windows Vista (KB954155)
http://www.microsoft.com/downloads/details.aspx?familyid=f17ee0ea-f1e2 -49f4-9f90-60296246ddfe
Microsoft Security Update for Windows Media Format Runtime 11 for Windows Vista for x64-based Systems (KB95415
http://www.microsoft.com/downloads/details.aspx?familyid=26905f12-92c7 -4d45-99e7-227f03d2cb82
Microsoft Security Update for Windows Media Format Runtime 9 for Windows 2000 (KB954155)
http://www.microsoft.com/downloads/details.aspx?familyid=8f850a82-61f9 -447b-a0aa-a2c192cc5d2e
Microsoft Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP 2 (KB954155)
http://www.microsoft.com/downloads/details.aspx?familyid=4516c219-e357 -485e-a52b-23dcb8ee49d8
Microsoft Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP 3 (KB954155)
http://www.microsoft.com/downloads/details.aspx?familyid=746d3440-5a6a -421e-9286-7b534a1dfe54
Microsoft Security Update for Windows Media Format Runtime 9.5 for Windows Server 2003 (KB954155)
http://www.microsoft.com/downloads/details.aspx?familyid=00b3cb86-c9eb -4fbe-987e-2b0d94271d87
Microsoft Audio Compression Manager 0
Microsoft Security Update for Windows Media Player 9 for Windows 2000 (KB975025)
http://www.microsoft.com/downloads/details.aspx?familyid=6dfd5405-cabe -4bd7-9330-b6bde1d99194
Microsoft Security Update for Windows Server 2003 (KB975025)
http://www.microsoft.com/downloads/details.aspx?familyid=ab1803ff-2371 -487f-a7b6-95747c46ba4e
Microsoft Security Update for Windows Server 2003 x64 Edition (KB975025)
http://www.microsoft.com/downloads/details.aspx?familyid=46daf7c7-1cd3 -4f47-9c7a-d5eb6ea7327b
Microsoft Security Update for Windows XP (KB975025)
http://www.microsoft.com/downloads/details.aspx?familyid=6ecc7129-8caa -4daf-a8e2-8f3536225fb3
Microsoft DirectShow WMA Voice Codec 0
Microsoft Security Update for Windows 2000, Windows XP and Windows 2003 (KB969878)
http://www.microsoft.com/downloads/details.aspx?familyid=4fe0dff5-04d9 -4409-8d1d-52419537126b
Microsoft Security Update for Windows XP x64 Edition and Windows 2003 x64 Edition (KB969878)
http://www.microsoft.com/downloads/details.aspx?familyid=c116ae9d-e416 -4b7d-be75-4b4b2ebcc33a
 
漏洞提供者
Vinay Anantharaman of Adobe Systems, Inc.

发表评论?

0 条评论。

发表评论