【漏洞預警】IE瀏覽器遠程代碼執行漏洞(CVE-2019-1367)預警通告
預警編號:NS-2019-0042
2019-09-24| TAG: | IE、遠程代碼執行、CVE-2019-1367 |
| 漏洞危害: | 高,攻擊者利用此漏洞,可造成遠程代碼執行。 |
| 版本: | 1.0 |
漏洞概述
當地時間 9月 23 日,微軟官方發布了一則“IE瀏覽器累積安全更新”,修復了Internet Explorer中的一個遠程代碼執行漏洞(CVE-2019-1367)。該漏洞存在於腳本引擎處理IE內存對象的過程中,攻擊者可利用此漏洞制定惡意網站,當受害者使用IE訪問該網站即可執行任意代碼,從而獲取系統控制權。
目前微軟官方已經發布修復補丁,請相關用戶及時進行更新。
參考鏈接:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367
https://support.microsoft.com/zh-cn/help/4522007/cumulative-security-update-for-internet-explorer
2影響范圍
受影響版本
-
Internet Explorer 9
-
Internet Explorer 10
-
Internet Explorer 11
3漏洞防護
3.1 官方補丁
微軟目前暫未通過Windows update和WSUS發布系統更新,但已發布針對該漏洞的獨立安全更新程序,請受影響的用戶盡快下載安裝進行防護。
| IE版本 |
操作系統 |
下載鏈接 |
| Internet Explorer 9 |
Windows Server 2008 x86 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/ie9-windows6.0-kb4522007-x86_6ea5af2ab7a85143213d35a469772dddf6597f30.msu |
| Internet Explorer 9 |
Windows Server 2008 x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/ie9-windows6.0-kb4522007-x64_2dc213cfbb9299d3fdf889d47cb6e3c5239a7bb3.msu |
| Internet Explorer 10 |
Windows Embedded 8 Standard x86 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/windows8-rt-kb4522007-x86_f3e2d48fb666fb51706e43f38b5843d4782985f2.msu |
| Internet Explorer 10 |
Windows Embedded 8 Standard x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/windows8-rt-kb4522007-x64_317bdd8a49ca73dd2a453a942bd9ad50bdb562c0.msu |
| Internet Explorer 10 |
Windows Server 2012 x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/windows8-rt-kb4522007-x64_317bdd8a49ca73dd2a453a942bd9ad50bdb562c0.msu |
| Internet Explorer 11 |
Windows Embedded Standard 7 x86 |
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/09/ie11-windows6.1-kb4522007-x86_3965a87d7f1b35a1f63b4674f207d981eeb8c178.msu |
| Internet Explorer 11 |
Windows Embedded Standard 7 x64 |
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/09/ie11-windows6.1-kb4522007-x64_052e2af5292fce7302e2bf5bc61361859fc5de99.msu |
| Internet Explorer 11 |
Windows 7 x86 |
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/09/ie11-windows6.1-kb4522007-x86_3965a87d7f1b35a1f63b4674f207d981eeb8c178.msu |
| Internet Explorer 11 |
Windows 7 x64 |
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/09/ie11-windows6.1-kb4522007-x64_052e2af5292fce7302e2bf5bc61361859fc5de99.msu |
| Internet Explorer 11 |
Windows Embedded 8 Standard x86 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/ie11-windows6.2-kb4522007-x86_8597fa798c2d53bac840403550de8ad1bf3ac97f.msu |
| Internet Explorer 11 |
Windows Embedded 8 Standard x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/ie11-windows6.2-kb4522007-x64_7d9dc3f450940f2f6a17dab5826a8c9be9c44eac.msu |
| Internet Explorer 11 |
Windows 8.1 x86 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/windows8.1-kb4522007-x86_af6e89eefbc44e7f0c2edb7e4653a4a2aae283e5.msu |
| Internet Explorer 11 |
Windows 8.1 x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/windows8.1-kb4522007-x64_917ea544f0fd5ede94f2088223d6f8638341a6f9.msu |
| Internet Explorer 11 |
Windows Server 2008 R2 x64 |
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/09/ie11-windows6.1-kb4522007-x64_052e2af5292fce7302e2bf5bc61361859fc5de99.msu |
| Internet Explorer 11 |
Windows Server 2012 x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/ie11-windows6.2-kb4522007-x64_7d9dc3f450940f2f6a17dab5826a8c9be9c44eac.msu |
| Internet Explorer 11 |
Windows Server 2012 R2 x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/windows8.1-kb4522007-x64_917ea544f0fd5ede94f2088223d6f8638341a6f9.msu |
3.2 臨時緩解措施
若相關用戶暫時無法安裝更新,可采取以下方式對該漏洞進行臨時防護。
對於32位的Windows操作系統,可使用管理員權限在命令提示符(cmd)中輸入如下命令:
takeown /f %windir%\system32\jscript.dll cacls%windir%\system32\jscript.dll /E /P everyone:N
對於64位的Windows操作系統,可使用管理員權限在命令提示符(cmd)中輸入如下命令:
takeown /f%windir%\syswow64\jscript.dll cacls%windir%\syswow64\jscript.dll /E /P everyone:N takeown /f%windir%\system32\jscript.dll cacls %windir%\system32\jscript.dll /E /Peveryone:N
注:上述臨時緩解措施可能會導致部分系統功能受限,如果相關用戶系統出現異常,或者已經安裝完安全補丁,請撤銷臨時緩解措施,具體操作如下:
對於32位的Windows操作系統,可使用管理員權限在命令提示符(cmd)中輸入如下命令:
cacls %windir%\system32\jscript.dll /E /R everyone
對於64位的Windows操作系統,可使用管理員權限在命令提示符(cmd)中輸入如下命令:
cacls %windir%\system32\jscript.dll /E /R everyone cacls %windir%\syswow64\jscript.dll /E /R everyone