釣蝦釣魚降龍會

標題: 微軟通報：4種方法暫時屏蔽IE漏洞 [打印本頁]

作者: AthlonXP 時間: 2008-12-17 03:13
標題: 微軟通報：4種方法暫時屏蔽IE漏洞
微軟通報：4種方法暫時屏蔽IE漏洞IE 最新7.0波及了微軟全線系統，目前暫時沒有補丁。微軟於近日發佈了一份安全通報，指導您如何暫時屏蔽此漏洞。

漏洞出在 OLEDB32.dll 這個文件上。所以我們的目的就是屏蔽這個文件。對此，微軟連出了4個殺手鑭：

1. SACL 法（僅適用於 Vista）

[Unicode]
Unicode=yes
[Version]
signature="$CHICAGO$"
Revision=1
[File Security]
"%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll",2,"S

ML;;NWNRNX;;;ME)"

將以上內容保存為 BlockAccess_x86.inf
然後在命令提示符裡執行 SecEdit /configure /db BlockAccess.sdb /cfg <inf file>
其中 <inf file> 為 inf 文件路徑。若成功會看到「任務成功結束」的提示。

2. 禁用 Row Position 功能法

HKEY_CLASSES_ROOT\CLSID\{2048EEE6-7FA2-11D0-9E6A-00A0C9138C29}
打開註冊表編輯器，將此鍵刪除即可。

3. 取消 DLL 註冊法

在命令提示符中輸入 Regsvr32.exe /u "%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll"
即可

4. 權限設置法

在命令提示符中輸入 cacls "%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll" /E /P everyone:N

Vista 系統則需要輸入3個命令：

takeown /f "%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll"
icacls "%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll" /save %TEMP%\oledb32.32.dll.TXT
icacls "%ProgramFiles%\Common Files\System\Ole DB\oledb32.dll" /deny everyone

F)

其中第一種方法影響最小（只影響 IE 對此 DLL 的訪問）。

附：此漏洞影響的系統、軟件列表

Windows Internet Explorer 7
Windows Internet Explorer 7 for Windows XP
Windows Internet Explorer 7 for Windows Server 2003
Windows Internet Explorer 7 for Windows Server 2003 IA64
Windows Internet Explorer 7 in Windows Vista
Windows Internet Explorer 8 Beta
Microsoft Internet Explorer 6.0 Service Pack 2
Microsoft Internet Explorer 6.0 Service Pack 1
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 5.01 Service Pack 4
Windows Server 2008 Datacenter without Hyper-V
Windows Server 2008 Enterprise without Hyper-V
Windows Server 2008 for Itanium-Based Systems
Windows Server 2008 Standard without Hyper-V
Windows Server 2008 Datacenter
Windows Server 2008 Enterprise
Windows Server 2008 Standard
Windows Web Server 2008
Windows Vista Service Pack 1, when used with:
Windows Vista Business
Windows Vista Enterprise
Windows Vista Home Basic
Windows Vista Home Premium
Windows Vista Starter
Windows Vista Ultimate
Windows Vista Enterprise 64-bit Edition
Windows Vista Home Basic 64-bit Edition
Windows Vista Home Premium 64-bit Edition
Windows Vista Ultimate 64-bit Edition
Windows Vista Business 64-bit Edition
Microsoft Windows Server 2003 Service Pack 1, when used with:
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Standard x64 Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 Service Pack 2, when used with:
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition
Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Standard x64 Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Microsoft Windows XP Service Pack 2, when used with:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Microsoft Windows XP Service Pack 3, when used with:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional

對於非 x86 系統請參考微軟安全通報自行操作。

作者: jack0505 時間: 2008-12-19 02:07
感謝大大的資訊

作者: asdde 時間: 2008-12-20 05:59
這真的很重要耶，最近這個問題好像很嚴重。

歡迎光臨釣蝦釣魚降龍會 (https://vanquishloong.com/vanquishloong/)