四种方法暂时屏蔽IE最新0day

日期: 2008-12-14 来源:TechTarget中国 英文

  IE最新0day波及了微软全线系统,目前暂时没有补丁。微软于近日发布了一份安全通报,指导您如何暂时屏蔽此漏洞。

  漏洞出在 OLEDB32.dll 这个文件上。所以我们的目的就是屏蔽这个文件。对此,微软连出了4个杀手锏:

  1. SACL 法(仅适用于 Vista)

[Unicode]
Unicode=yes
[Version]
signature=”$CHICAGO$”
Revision=1
[File Security]
“%ProgramFiles%Common FilesSystemOle DBoledb32.dll”,2,”S:(ML;;NWNRNX;;;ME)”

  将以上内容保存为 BlockAccess_x86.inf

  然后在命令提示符里执行 SecEdit /configure /db BlockAccess.sdb /cfg <inf file>
其中 <inf file> 为 inf 文件路径。若成功会看到“任务成功结束”的提示。

  2. 禁用 Row Position 功能法

  HKEY_CLASSES_ROOTCLSID{2048EEE6-7FA2-11D0-9E6A-00A0C9138C29}
打开注册表编辑器,将此键删除即可。

  3. 取消 DLL 注册法

  在命令提示符中输入 Regsvr32.exe /u “%ProgramFiles%Common FilesSystemOle DBoledb32.dll”
即可

  4. 权限设置法

  在命令提示符中输入 cacls “%ProgramFiles%Common FilesSystemOle DBoledb32.dll” /E /P everyone:N

  Vista 系统则需要输入3个命令:

takeown /f “%ProgramFiles%Common FilesSystemOle DBoledb32.dll”
icacls “%ProgramFiles%Common FilesSystemOle DBoledb32.dll” /save %TEMP%oledb32.32.dll.TXT
icacls “%ProgramFiles%Common FilesSystemOle DBoledb32.dll” /deny everyone:(F)

  其中第一种方法影响最小(只影响 IE 对此 DLL 的访问)。

  附:此漏洞影响的系统、软件列表

Windows Internet Explorer 7
Windows Internet Explorer 7 for Windows XP
Windows Internet Explorer 7 for Windows Server 2003
Windows Internet Explorer 7 for Windows Server 2003 IA64
Windows Internet Explorer 7 in Windows Vista
Windows Internet Explorer 8 Beta
Microsoft Internet Explorer 6.0 Service Pack 2
Microsoft Internet Explorer 6.0 Service Pack 1
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 5.01 Service Pack 4
Windows Server 2008 Datacenter without Hyper-V
Windows Server 2008 Enterprise without Hyper-V
Windows Server 2008 for Itanium-Based Systems
Windows Server 2008 Standard without Hyper-V
Windows Server 2008 Datacenter
Windows Server 2008 Enterprise
Windows Server 2008 Standard
Windows Web Server 2008
Windows Vista Service Pack 1, when used with:
Windows Vista Business
Windows Vista Enterprise
Windows Vista Home Basic
Windows Vista Home Premium
Windows Vista Starter
Windows Vista Ultimate
Windows Vista Enterprise 64-bit Edition
Windows Vista Home Basic 64-bit Edition
Windows Vista Home Premium 64-bit Edition
Windows Vista Ultimate 64-bit Edition
Windows Vista Business 64-bit Edition
Microsoft Windows Server 2003 Service Pack 1, when used with:
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Standard x64 Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 Service Pack 2, when used with:
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition
Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Standard x64 Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Microsoft Windows XP Service Pack 2, when used with:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Microsoft Windows XP Service Pack 3, when used with:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

  对于非 x86 系统请参考微软安全通报自行操作。

  FlowerCode@cnBeta 概括自微软安全通报

  2008-12-14 9:52 对微软原文中的错误进行了修正。遇到错误提示的网友请重试。

我们一直都在努力坚持原创.......请不要一声不吭,就悄悄拿走。

我原创,你原创,我们的内容世界才会更加精彩!

【所有原创内容版权均属TechTarget,欢迎大家转发分享。但未经授权,严禁任何媒体(平面媒体、网络媒体、自媒体等)以及微信公众号复制、转载、摘编或以其他方式进行使用。】

微信公众号

TechTarget微信公众号二维码

TechTarget

官方微博

TechTarget中国官方微博二维码

TechTarget中国

电子邮件地址不会被公开。 必填项已用*标注

敬请读者发表评论,本站保留删除与本文无关和不雅评论的权力。

相关推荐