新书推介:《语义网技术体系》
作者:瞿裕忠,胡伟,程龚
   >>中国XML论坛<<     W3CHINA.ORG讨论区     计算机科学论坛     SOAChina论坛     Blog     开放翻译计划     新浪微博  
 
  • 首页
  • 登录
  • 注册
  • 软件下载
  • 资料下载
  • 核心成员
  • 帮助
  •   Add to Google

    >> 最新的技术动态
    [返回] 中文XML论坛 - 专业的XML技术讨论区休息区『 最新动态 & 业界新闻 』 → Microsoft probes new Windows kernel bug 查看新帖用户列表

      发表一个新主题  发表一个新投票  回复主题  (订阅本版) 您是本帖的第 6138 个阅读者浏览上一篇主题  刷新本主题   树形显示贴子 浏览下一篇主题
     * 贴子主题: Microsoft probes new Windows kernel bug 举报  打印  推荐  IE收藏夹 
       本主题类别:     
     卷积内核 帅哥哟,离线,有人找我吗?
      
      
      威望:8
      头衔:总统
      等级:博士二年级(版主)
      文章:3942
      积分:27590
      门派:XML.ORG.CN
      注册:2004/7/21

    姓名:(无权查看)
    城市:(无权查看)
    院校:(无权查看)
    给卷积内核发送一个短消息 把卷积内核加入好友 查看卷积内核的个人资料 搜索卷积内核在『 最新动态 & 业界新闻 』的所有贴子 访问卷积内核的主页 引用回复这个贴子 回复这个贴子 查看卷积内核的博客楼主
    发贴心情 Microsoft probes new Windows kernel bug

    Microsoft on Friday said it is investigating an unpatched vulnerability in Windows after an Israeli researcher revealed a bug in the operating system's kernel driver.

    According to Gil Dabah, a researcher from Tel Aviv who goes by the nickname "arkon," the Windows' kernel harbors a heap overflow vulnerability. Dabah also posted a short proof-of-concept to demonstrate the bug on RageStorm.com, a site he and two others run.

    "Microsoft is investigating reports of a possible vulnerability in Windows Kernel," said Jerry Bryant on Friday. "Upon completion of the investigation, Microsoft will take appropriate actions to protect customers."

    In an alert published Friday, Danish bug tracker Secunia pinpointed the bug in the "Win32k.sys" kernel-mode device driver, the kernel component of the Windows subsystem. Attackers could exploit the flaw using "GetClipboardData," an API (application programming interface) that retrieves data from the Window clipboard.

    A successful exploit would allow hackers to execute their attack code in kernel mode, which would then let them infect the PC with malware or pillage any data on the machine.

    The flaw exists in several versions of Windows, including XP SP3, Server 2003 R2, Vista, Windows 7 and Windows Server 2008 SP2, said Secunia, which rated the bug as "less critical," the firm's second-lowest threat ranking.

    Microsoft has patched 13 Windows kernel vulnerabilities this year. In June, for example, MS10-032 patched three vulnerabilities in Win32k.sys; in April, it quashed eight bugs with MS10-021; and in February, MS10-015 fixed two flaws.

    One researcher with experience digging up kernel bugs said the latest is business as usual. "I don't think there's been more than a few days this year that Microsoft [hasn't] been vulnerable to public kernel flaws," said Tavis Ormandy on Twitter. Ormandy reported three of this year's kernel vulnerabilities to Microsoft.

    Most of those bugs were rated as "important," Microsoft's second-highest ranking, because they could not be exploited remotely, but required an attacker to have physical access to the PC and valid log-in credentials. It's likely that Dabah's find will as well.

    Microsoft will issue 14 security updates, including 10 for Windows, on Tuesday. But unless the company found Dabah's flaw on its own, or the vulnerability was reported by another researcher earlier -- it's not unheard of for several researchers to stumble across the same bug -- a fix won't appear until September or later.

    In the meantime, said Secunia, "Grant access [only] to trusted users."


       收藏   分享  
    顶(0)
      




    ----------------------------------------------
    事业是国家的,荣誉是单位的,成绩是领导的,工资是老婆的,财产是孩子的,错误是自己的。

    点击查看用户来源及管理<br>发贴IP:*.*.*.* 2010/8/9 9:49:00
     
     GoogleAdSense
      
      
      等级:大一新生
      文章:1
      积分:50
      门派:无门无派
      院校:未填写
      注册:2007-01-01
    给Google AdSense发送一个短消息 把Google AdSense加入好友 查看Google AdSense的个人资料 搜索Google AdSense在『 最新动态 & 业界新闻 』的所有贴子 访问Google AdSense的主页 引用回复这个贴子 回复这个贴子 查看Google AdSense的博客广告
    2024/11/21 20:50:08

    本主题贴数1,分页: [1]

    管理选项修改tag | 锁定 | 解锁 | 提升 | 删除 | 移动 | 固顶 | 总固顶 | 奖励 | 惩罚 | 发布公告
    W3C Contributing Supporter! W 3 C h i n a ( since 2003 ) 旗 下 站 点
    苏ICP备05006046号《全国人大常委会关于维护互联网安全的决定》《计算机信息网络国际联网安全保护管理办法》
    46.875ms