΢Èí½ôÆÈÐÞ¸´IE¼°DefenderÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-09-24

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-1367£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-1255£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬CVSS·ÖÖµ£º¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


CVE-2019-1367
IE9¡¢10ºÍ11
CVE-2019-1255

Defender 1.1.16300.1


Îó²î¸ÅÊö


΢ÈíÐû²¼½ôÆÈÇå¾²¸üУ¬£¬£¬ÐÞ¸´IEÖеÄRCE 0day¼°Windows DefenderÖеÄDoSÎó²î¡£¡£ ¡£¡£


CVE-2019-1367


´ËÎó²îÊÇÓÉInternetExplorer¾ç±¾ÒýÇæÖд¦Öóͷ£Äڴ湤¾ßµÄ·½·¨ÖеÄÄÚ´æËð»µÒýÆðµÄ¡£¡£ ¡£¡£ÒªÊ¹ÓôËÎó²î£¬£¬£¬¹¥»÷Õß±ØÐèÖ¸µ¼Óû§·­¿ªÒѾ­ÍйÜÎó²îµÄ¶ñÒâÍøÕ¾¡£¡£ ¡£¡£Ê¹ÓôËÎó²î¿ÉÒÔµ¼Ö¹¥»÷Õß»ñµÃÓû§µÄÄ¿½ñȨÏÞ£¬£¬£¬²¢Ö´ÐÐí§Òâ´úÂë¡£¡£ ¡£¡£ÈôÊÇÄ¿½ñÓû§ÓµÓÐÖÎÀíȨÏÞ¹¥»÷Õß¿ÉÒÔÔÚϵͳÉÏÖ´ÐÐÖݪֲÙ×÷£¬£¬£¬´Ó½¨Éè¾ßÓÐÍêȫȨÏÞµÄÐÂÕÊ»§µ½×°ÖóÌÐòÉõÖÁÐÞ¸ÄÊý¾Ý¡£¡£ ¡£¡£


CVE-2019-1255


´ËÎó²îÊÇWindows DefenderÖеľܾøЧÀÍÎó²î£¬£¬£¬¸ÃÎó²îÓëDefender´¦Öóͷ£ÎļþµÄ·½·¨ÓйØ£¬£¬£¬¹¥»÷Õß¿ÉʹÓøÃÎó²î×èÖ¹Õýµ±ÕË»§Ö´ÐÐÕýµ±µÄϵͳÎļþ¡£¡£ ¡£¡£


Îó²îÑéÖ¤


ÔÝÎÞPOC/EXP¡£¡£ ¡£¡£ 


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬£¬£¬²¹¶¡»ñÈ¡Á´½Ó£º


https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1255?ranMID=24542&ranEAID=je6NUbpObpQ&ranSiteID=je6NUbpObpQ-FFyqiDVVceJ.9YKJh7SFaQ&epi=je6NUbpObpQ-FFyqiDVVceJ.9YKJh7SFaQ&irgwc=1&OCID=AID2000142_aff_7593_1243925&tduid=(ir__6uzmmvnfpkkfrjuzkk0sohzz0n2xgzdoytt2n2t200)(7593)(1243925)(je6NUbpObpQ-FFyqiDVVceJ.9YKJh7SFaQ)()&irclickid=_6uzmmvnfpkkfrjuzkk0sohzz0n2xgzdoytt2n2t200


https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367?ranMID=24542&ranEAID=je6NUbpObpQ&ranSiteID=je6NUbpObpQ-_818kqJ.tMcmbzNDDr5bdg&epi=je6NUbpObpQ-_818kqJ.tMcmbzNDDr5bdg&irgwc=1&OCID=AID2000142_aff_7593_1243925&tduid=(ir__6uzmmvnfpkkfrjuzkk0sohzz0n2xgzdvt1t2n2t200)(7593)(1243925)(je6NUbpObpQ-_818kqJ.tMcmbzNDDr5bdg)()&irclickid=_6uzmmvnfpkkfrjuzkk0sohzz0n2xgzdvt1t2n2t200¡£¡£ ¡£¡£


²Î¿¼Á´½Ó


https://www.zdnet.com/article/microsoft-releases-out-of-band-security-update-to-fix-ie-zero-day-defender-bug/