Microsoft 安全通報:4 種方法暫時對抗 IE 0day IE 最新 0day 包含了微軟全部系統,目前暫時沒有修正。微軟於近日發佈了一份安全通報,指導您如何暫時忽略此漏洞。
漏洞出在 OLEDB32.dll 這個文件上。所以我們的目的就是忽略這個文件。對此,微軟連出了4個解決方案:1. SACL 法(僅適用於 Vista)[Unicode]
Unicode=yes
[Version]
signature="$CHICAGO$"
Revision=1
[File Security]
"%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll",2,"S:(ML;;NWNRNX;;;ME)"
將以上內容保存為 BlockAccess_x86.inf
然後在命令提示符裡執行 SecEdit /configure /db BlockAccess.sdb /cfg <inf file>
其中 <inf file> 為 inf 文件路徑。若成功會看到「任務成功結束」的提示。
2. 禁用 Row Position 功能法HKEY_CLASSES_ROOT\CLSID\{2048EEE6-7FA2-11D0-9E6A-00A0C9138C29}
打開註冊表編輯器,將此鍵刪除即可。
3. 取消 DLL 註冊法在命令提示符中輸入 Regsvr32.exe /u "%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll"
即可
4. 權限設定法在命令提示符中輸入 cacls "%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll" /E /P everyone:N
Vista 系統則需要輸入3個命令:
takeown /f "%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll"
icacls "%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll" /save %TEMP%\oledb32.32.dll.TXT
icacls "%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll" /deny everyone:(F)
其中第一種方法影響最小(只影響 IE 對此 DLL 的訪問)。
附:此漏洞影響的系統、軟體列表
- Windows Internet Explorer 7
- Windows Internet Explorer 7 for Windows XP
- Windows Internet Explorer 7 for Windows Server 2003
- Windows Internet Explorer 7 for Windows Server 2003 IA64
- Windows Internet Explorer 7 in Windows Vista
- Windows Internet Explorer 8 Beta
- Microsoft Internet Explorer 6.0 Service Pack 2
- Microsoft Internet Explorer 6.0 Service Pack 1
- Microsoft Internet Explorer 6.0
- Microsoft Internet Explorer 5.01 Service Pack 4
- Windows Server 2008 Datacenter without Hyper-V
- Windows Server 2008 Enterprise without Hyper-V
- Windows Server 2008 for Itanium-Based Systems
- Windows Server 2008 Standard without Hyper-V
- Windows Server 2008 Datacenter
- Windows Server 2008 Enterprise
- Windows Server 2008 Standard
- Windows Web Server 2008
- Windows Vista Service Pack 1, when used with:
- Windows Vista Business
- Windows Vista Enterprise
- Windows Vista Home Basic
- Windows Vista Home Premium
- Windows Vista Starter
- Windows Vista Ultimate
- Windows Vista Enterprise 64-bit Edition
- Windows Vista Home Basic 64-bit Edition
- Windows Vista Home Premium 64-bit Edition
- Windows Vista Ultimate 64-bit Edition
- Windows Vista Business 64-bit Edition
- Microsoft Windows Server 2003 Service Pack 1, when used with:
- Microsoft Windows Server 2003, Standard Edition (32-bit x86)
- Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
- Microsoft Windows Server 2003, Web Edition
- Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
- Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
- Microsoft Windows Server 2003, Datacenter x64 Edition
- Microsoft Windows Server 2003, Enterprise x64 Edition
- Microsoft Windows Server 2003, Standard x64 Edition
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003 Service Pack 2, when used with:
- Microsoft Windows Server 2003, Standard Edition (32-bit x86)
- Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
- Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
- Microsoft Windows Server 2003, Web Edition
- Microsoft Windows Server 2003, Datacenter x64 Edition
- Microsoft Windows Server 2003, Enterprise x64 Edition
- Microsoft Windows Server 2003, Standard x64 Edition
- Microsoft Windows XP Professional x64 Edition
- Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
- Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
- Microsoft Windows XP Service Pack 2, when used with:
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional
- Microsoft Windows XP Service Pack 3, when used with:
- Microsoft Windows XP Home Edition
- Microsoft Windows XP Professional
對於非 x86 系統請參考微軟安全通報自行操作。
Source :
http://support.microsoft....051/en-us/
