高危!Microsoft MSHTML远程代码执行漏洞(CVE-2021-40444)安全风险通告
漏洞描述
2021年9月8日,亚信安全CERT监测到微软官方针对Microsoft MSHTML组件中存在的远程代码执行漏洞(CVE-2021-40444)发布紧急通告。利用此漏洞,远程攻击者可诱使受害者打开其制作的带有ActiveX控件的恶意Microsoft Office文档,当漏洞成功触发时,攻击者可在受害者的机器上以该用户权限执行任意代码。漏洞定级为高危漏洞。
目前微软官方尚未发布此漏洞的修复补丁,鉴于该漏洞已有在野利用,亚信安全CERT建议及时做好自查和防御措施,以阻止该漏洞攻击。
漏洞编号
CVE-2021-40444漏洞类型
高危,远程代码执行,CVSS:8.8修复建议
官方临时修补方案:在Internet Explorer中禁用ActiveX控件以缓解漏洞攻击(使用此方法,以前安装的ActiveX控件将继续运行,但漏洞不会被触发):
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0]"1001"=dword:00000003"1004"=dword:00000003
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1]"1001"=dword:00000003"1004"=dword:00000003
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2]"1001"=dword:00000003"1004"=dword:00000003
➢ 2.双击该文件,将其应用到策略配置。➢ 3.重启系统。
!
注意
如果注册表编辑器不当使用可能会存在严重问题,如需重装系统等,建议使用上述的解决方案进行修补,如有必要请事先做好备份。参考链接
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
参考链接
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444行业热点:
高危!Atlassian Confluence远程代码执行漏洞安全风险通告
了解亚信安全,请点击“阅读原文”