漏洞起因
边界条件错误
危险等级
中
影响系统
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows 7
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Storage Server 2003
Microsoft Windows Vista
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
不受影响系统
危害
远程攻击者可以利用漏洞以系统权限执行任意指令。
攻击所需条件
攻击者必须构建恶意WEB页,诱使用户访问。
漏洞信息
Microsoft Windows是一款微软开发的操作系统。
Microsoft Windows处理嵌入式OpenType(EOT)字体存在整数溢出错误,构建特殊的EOT字体,诱使用户访问,可触发内存破坏。
攻击者构建恶意WEB页,诱使用户访问可触发此漏洞。
当前的攻击已知只针对Windows 2000,其他版本系统也包含受此漏洞影响的代码,但是目前还不清楚如何触发此漏洞。
测试方法
厂商解决方案
用户可参考如下供应商提供的安全补丁:
Windows 2000 SP4:
http://www.microsoft.com/downloads/de…=47f85cbd-282e-4c92-9809-68bba49e0a12
Windows XP SP2/SP3:
http://www.microsoft.com/downloads/de…=793a6b3f-7660-40be-b7d5-7b0eec55e1cd
Windows XP Professional x64 Edition SP2:
http://www.microsoft.com/downloads/de…=31609ce9-656a-4f7d-a501-709a31ca34c3
Windows Server 2003 SP2:
http://www.microsoft.com/downloads/de…=e1d6e338-dea9-458e-b35d-796e069d74d7
Windows Server 2003 x64 Edition SP2:
http://www.microsoft.com/downloads/de…=ddbcf231-9fde-4dc2-ad04-a01b69d1a980
Windows Server 2003 with SP2 for Itanium-based Systems:
http://www.microsoft.com/downloads/de…=c71a13cf-7e2f-4b02-8684-1a4e4b46ddda
Windows Vista (optionally with SP1/SP2):
http://www.microsoft.com/downloads/de…=6387228c-eedc-4511-b3c6-8922606f4c84
Windows Vista x64 Edition (optionally with SP1/SP2):
http://www.microsoft.com/downloads/de…=7b4f5089-13b1-421b-a00b-22632bba4229
Windows Server 2008 for 32-bit Systems (optionally with SP2):
http://www.microsoft.com/downloads/de…=e175c436-37e0-497f-8b7f-6cacaa25ad7c
Windows Server 2008 for x64-based Systems (optionally with SP2):
http://www.microsoft.com/downloads/de…=1b10a177-fd45-406f-8edc-b8d4b84881b7
Windows Server 2008 for Itanium-based Systems (optionally with SP2):
http://www.microsoft.com/downloads/de…=e8bc9a24-a794-4827-a6bb-785c6b2189f4
Windows 7 for 32-bit Systems:
http://www.microsoft.com/downloads/de…=75491ad0-40a6-4efb-9574-d82210f6d0da
Windows 7 for x64-based Systems:
http://www.microsoft.com/downloads/de…=8a53f0e9-0616-440e-90f2-a12524e1bee4
Windows Server 2008 R2 for x64-based Systems:
http://www.microsoft.com/downloads/de…=308166e4-571b-4d6c-bd9f-3ed4afa4eafe
Windows Server 2008 R2 for Itanium-based Systems:
http://www.microsoft.com/downloads/de…=1d0da42b-9755-4fd2-afd1-0d023d187133
漏洞提供者
Tavis Ormandy, Google
0 条评论。