您要打印的文件是:Microsoft 安全通报:4 种方法暂时屏蔽 IE 最新 0day

Microsoft 安全通报:4 种方法暂时屏蔽 IE 最新 0day



作者:微软安全通报    转贴自:微软安全通报    点击数:1583


IE 最新 0day 波及了微软全线系统,目前暂时没有补丁。微软于近日发布了一份安全通报,指导您如何暂时屏蔽此漏洞。
漏洞出在 OLEDB32.dll 这个文件上。所以我们的目的就是屏蔽这个文件。对此,微软连出了4个杀手锏:

1. SACL 法
[Unicode]
Unicode=yes
[Version]
signature=$CHICAGO$
Revision=1
[File Security]
%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll,2,S:(ML;;NWNRNX;;;ME)

将以上内容保存为 BlockAccess_x86.inf
然后在命令提示符里执行 SecEdit/configure/db BlockAccess.sdb/cfg <inf file>
其中 <inf file> 为 inf 文件路径。若成功会看到“操作成功完成”的提示。

2. 禁用 Row Position 功能法

HKEY_CLASSES_ROOT\CLSID\{2048EEE6-7FA2-11D0-9E6A-00A0C9138C29}
打开注册表编辑器,将此键删除即可。

3. 取消 DLL 注册法
在命令提示符中输入 Regsvr32.exe/u Program Files\Common Files\System\Ole DB\oledb32.dll
即可

4. 权限设置法
在命令提示符中输入 cacls Program Files\Common Files\System\Ole DB\oledb32.dll/E/P everyone:N

Vista 系统则需要输入3个命令:
takeown/f Program Files\Common Files\System\Ole DB\oledb32.dll
icacls Program Files\Common Files\System\Ole DB\oledb32.dll/save %TEMP%\oledb32.32.dll.TXT
icacls Program Files\Common Files\System\Ole DB\oledb32.dll/deny everyone:(F)

其中第一种方法影响最小(只影响 IE 对此 DLL 的访问)。

附:此漏洞影响的系统、软件列表
  • Windows Internet Explorer 7
  • Windows Internet Explorer 7 for Windows XP
  • Windows Internet Explorer 7 for Windows Server 2003
  • Windows Internet Explorer 7 for Windows Server 2003 IA64
  • Windows Internet Explorer 7 in Windows Vista
  • Windows Internet Explorer 8 Beta
  • Microsoft Internet Explorer 6.0 Service Pack 2
  • Microsoft Internet Explorer 6.0 Service Pack 1
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 5.01 Service Pack 4
  • Windows Server 2008 Datacenter without Hyper-V
  • Windows Server 2008 Enterprise without Hyper-V
  • Windows Server 2008 for Itanium-Based Systems
  • Windows Server 2008 Standard without Hyper-V
  • Windows Server 2008 Datacenter
  • Windows Server 2008 Enterprise
  • Windows Server 2008 Standard
  • Windows Web Server 2008
  • Windows Vista Service Pack 1, when used with:
    • Windows Vista Business
    • Windows Vista Enterprise
    • Windows Vista Home Basic
    • Windows Vista Home Premium
    • Windows Vista Starter
    • Windows Vista Ultimate
    • Windows Vista Enterprise 64-bit Edition
    • Windows Vista Home Basic 64-bit Edition
    • Windows Vista Home Premium 64-bit Edition
    • Windows Vista Ultimate 64-bit Edition
    • Windows Vista Business 64-bit Edition
  • Microsoft Windows Server 2003 Service Pack 1, when used with:
    • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
    • Microsoft Windows Server 2003, Web Edition
    • Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
    • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
  • Microsoft Windows Server 2003, Datacenter x64 Edition
  • Microsoft Windows Server 2003, Enterprise x64 Edition
  • Microsoft Windows Server 2003, Standard x64 Edition
  • Microsoft Windows XP Professional x64 Edition
  • Microsoft Windows Server 2003 Service Pack 2, when used with:
    • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
    • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
    • Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
    • Microsoft Windows Server 2003, Web Edition
    • Microsoft Windows Server 2003, Datacenter x64 Edition
    • Microsoft Windows Server 2003, Enterprise x64 Edition
    • Microsoft Windows Server 2003, Standard x64 Edition
    • Microsoft Windows XP Professional x64 Edition
    • Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
    • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
  • Microsoft Windows XP Service Pack 2, when used with:
    • Microsoft Windows XP Home Edition
    • Microsoft Windows XP Professional
  • Microsoft Windows XP Service Pack 3, when used with:
    • Microsoft Windows XP Home Edition
    • Microsoft Windows XP Professional
对于非 x86 系统请参考微软安全通报自行操作。