微軟Internet Explorer爆嚴重漏洞,令黑客可遠端控制
這篇文章中的資訊適用於:
* Microsoft Windows Server 2003 Service Pack 2 應用於:
o Microsoft Windows Server 2003, Standard Edition (32-bit x86)
o Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
o Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
o Microsoft Windows Server 2003, Web Edition
o Microsoft Windows Server 2003, Datacenter x64 Edition
o Microsoft Windows Server 2003, Enterprise x64 Edition
o Microsoft Windows Server 2003, Standard x64 Edition
o Microsoft Windows XP Professional x64 Edition
o Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
o Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
* Microsoft Windows XP Service Pack 2 應用於:
o Microsoft Windows XP Home Edition (家用版)
o Microsoft Windows XP Professional
* Microsoft Windows XP Service Pack 3 應用於:
o Microsoft Windows XP Home Edition (家用版)
o Microsoft Windows XP Professional
Microsoft Security Advisory (972890)
Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution
Published: July 06, 2009
Version: 1.0
Microsoft is investigating a privately reported vulnerability in Microsoft Video ActiveX Control. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and may not require any user intervention.
We are aware of attacks attempting to exploit the vulnerability.
Our investigation has shown that there are no by-design uses for this ActiveX Control in Internet Explorer which includes all of the Class Identifiers within the msvidctl.dll that hosts this ActiveX Control. For Windows XP and Windows Server 2003 customers, Microsoft is recommending removing support for this ActiveX Control within Internet Explorer using all the Class Identifiers listed in the Workaround section. Though unaffected by this vulnerability, Microsoft is recommending that Windows Vista and Windows Server 2008 customers remove support for this ActiveX Control within Internet Explorer using the same Class Identifiers as a defense-in-depth measure.
Customers may prevent the Microsoft Video ActiveX Control from running in Internet Explorer, either manually using the instructions in the Workaround section or automatically using the solution found in Microsoft Knowledge Base Article 972890. By preventing the Microsoft Video ActiveX Control from running in Internet Explorer, there is no impact to application compatibility.
We are actively working with partners in our Microsoft Active Protections Program (MAPP) to provide information that they can use to provide broader protections to customers.
Microsoft is currently working to develop a security update for Windows to address this vulnerability and will release the update when it has reached an appropriate level of quality for broad distribution.
Mitigating Factors:
• Customers who are using Windows Vista or Windows Server 2008 are not affected because the ability to pass data to this control within Internet Explorer has been restricted.
• By default, Internet Explorer on Windows Server 2003 and 2008 runs in a restricted mode that is known as Enhanced Security Configuration. Enhanced Security Configuration is a group of preconfigured settings in Internet Explorer that can reduce the likelihood of a user or administrator downloading and running specially crafted Web content on a server. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone. See also Managing Internet Explorer Enhanced Security Configuration.
• By default, all supported versions of Microsoft Outlook and Microsoft Outlook Express open HTML e-mail messages in the Restricted sites zone. The Restricted sites zone helps mitigate attacks that could try to exploit this vulnerability by preventing Active Scripting and ActiveX controls from being used when reading HTML e-mail messages. However, if a user clicks a link in an e-mail message, the user could still be vulnerable to exploitation of this vulnerability through the Web-based attack scenario.
• In a Web-based attack scenario, an attacker could host a Web site that contains a Web page that is used to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these Web sites. Instead, an attacker would have to persuade users to visit the Web site, typically by getting them to click a link in an e-mail message or Instant Messenger message that takes users to the attacker’s Web site.
• An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
若要執行因應措施來停用自動執行 Windows 或 Windows Server 2003 的電腦上 「 Microsoft 視訊 ActiveX 控制項,按一下 [下 啟用因應措施 的 [ 修復這個問題 的連結]。 若要復原因應措施,按一下 [下 停用因應措施 的 [這個問題的連結 [修正]。 然後按一下 [ 執行 ] 在 [ 檔案下載 ] 對話方塊,再依照這個精靈。
附註 這個精靈可能在英文中只; 不過,自動修正也適用於其他語言版本的 Windows。
附註 果您不在發生問題的電腦上,則可將自動修正程式儲存至快閃磁碟機或 CD,然後在發生問題的電腦上加以執行。