Date: 2021-09-09   Views: 740   Author: 王德靈
Security bulletin number: CNTA-2021-0026
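On September 8, 2021, the China National Vulnerability Database (CNVD) recorded the Microsoft MSHTML remote code execution vulnerability (CNVD-2021-69088, corresponding to CVE-2021-40444). An attacker who exploits this vulnerability can execute code remotely without authorization. Exploitation details have so far been disclosed within a limited circle, and Microsoft has not yet released a patch for the vulnerability. CNVD recommends that affected users apply the temporary protective measures to mitigate the threat of attacks against this vulnerability.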
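1. Vulnerability Analysis
MSHTML (also known as Trident) is the layout component of the Internet Explorer (IE) browser in the Microsoft Windows operating system. Software developers can use this component to add web browsing capability to an application quickly. Besides IE and browsers built on the IE engine, MSHTML is also used in Office Word, Excel and PowerPoint documents to render web-hosted content.
On September 7, Microsoft published an emergency security advisory for the Microsoft MSHTML remote code execution vulnerability. To exploit it, an attacker crafts a Microsoft Office file that contains a loadable malicious ActiveX control and lures the victim into opening the document, which triggers the vulnerability. An unauthenticated attacker who exploits the vulnerability obtains the privileges of the victim's current user and can execute arbitrary code with those privileges.
CNVD's overall rating for this vulnerability is "High".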
2. Affected Scope
The affected product versions include:
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows RT 8.1
Windows 8.1 for x64-based systems
Windows 8.1 for 32-bit systems
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server, version 20H2 (Server Core Installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 Version 21H1 for ARM64-based Systems
Windows 10 Version 21H1 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
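3. Remediation Recommendations
Microsoft has not yet released a patch for this vulnerability. CNVD recommends that affected users be cautious about opening Office files or web links from unknown sources. Users with the necessary technical knowledge can disable ActiveX controls by changing the registry configuration (making a backup before the change is recommended). All users should follow the vendor's update announcements promptly.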
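The registry mitigation mentioned above can be audited and applied with a script such as the following. This is an added example, not part of the CNVD bulletin. It assumes the key path and the `1001`/`1004` value names from Microsoft's published workaround for CVE-2021-40444, which the bulletin itself does not list.

```powershell
# Added example: audit (and with -Apply, set) the ActiveX-install restriction.
# Assumption: key path and value names follow Microsoft's published workaround
# for CVE-2021-40444; they are not given in the CNVD bulletin.
param([switch]$Apply)

$base    = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$zones   = 0..3            # 0 = Local Machine, 1 = Intranet, 2 = Trusted, 3 = Internet
$actions = '1001', '1004'  # download signed / unsigned ActiveX controls
$disable = 3               # URL policy value meaning "disabled"

function Get-ActiveXPolicyState {
    foreach ($z in $zones) {
        foreach ($a in $actions) {
            # A missing key or value yields $null, which is reported as not mitigated.
            $v = (Get-ItemProperty -Path "$base\$z" -Name $a -ErrorAction SilentlyContinue).$a
            [pscustomobject]@{ Zone = $z; Action = $a; Value = $v; Mitigated = ($v -eq $disable) }
        }
    }
}

if ($Apply) {
    # Back up the existing policy subtree first, as the bulletin advises.
    if (Test-Path $base) {
        $backup = Join-Path $env:TEMP ("zones-policy-{0:yyyyMMddHHmmss}.reg" -f (Get-Date))
        reg.exe export ($base -replace '^HKLM:\\', 'HKLM\') $backup /y | Out-Null
        Write-Host "Backup written to $backup"
    }
    foreach ($z in $zones) {
        # Create the zone key only if absent; New-Item -Force on an existing key wipes its values.
        if (-not (Test-Path "$base\$z")) { New-Item -Path "$base\$z" -Force | Out-Null }
        foreach ($a in $actions) {
            New-ItemProperty -Path "$base\$z" -Name $a -Value $disable `
                -PropertyType DWord -Force | Out-Null
        }
    }
}

$state = Get-ActiveXPolicyState
$state | Format-Table -AutoSize
if ($state.Mitigated -contains $false) {
    Write-Warning 'ActiveX installation is not disabled in every zone.'
}
```

Run without parameters to report the current state only; `-Apply` writes under HKLM and therefore needs an elevated session.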
Source: China National Vulnerability Database (CNVD) https://www.cnvd.org.cn/webinfo/show/6821