Windows

Patch Chipiri - Kukadzi 2021

chengetedzo-tsvuku-gamba-img-150x150-1

 

Microsoft yakaburitsa yakagadziriswa shoma mwedzi uno, yakazara chete makumi mashanu nenomwe.Asi anosanganisira zvigamba zve zero-zuva kukanganisa muWin56k chikamu uye zvimwe zvakakomba TCP / IP networking stack kutadza.

Windows uye Windows Server

Kukwidziridzwa kwekuwedzera kwaFebruary (CU) kwe Windows 10 inouya nechikwata che zero-zuva Kukwidziridzwa kweRopafadzo chikanganiso (CVE-2021-1732) muWin32k. Zero-mazuva itsikidzi dzinoshandiswa musango chigamba chisati chawanikwa. Win32k chikamu chepakati che Windows uye kubvumirana kunogona kutungamira kune wekubira kuwana SYSTEM kuwana.

Sekureva kwekambani yekuChinese yekuchengetedza DBAPPSecurity, iko kukanganisa kwakakwidziridzwa neboka rinonzi Bitter, iro rine nhoroondo yekurwiswa kwevashandisi nemasangano muPakistan neChina. DBAPPSecurity inotsanangura kurwisa seyemhando yepamusoro uye yakaomesesa. Zero-zuva rakashandiswa kwemwedzi minomwe yapfuura.

Ruzivo nezve mamwe matanhatu mabhuru akaitwa pachena pamberi pePatch Chipiri: CVE-2021-1721, CVE-2021-1733, CVE-2021-26701, CVE-2021-1727, CVE-2021-24098, uye CVE-2021-24106. Kunyangwe ivo vanga vasiri kushandisirwa, hazvizotora nguva yakareba kuti vabiridzi vazvishandise.

TCP / IP inoshandisa

Microsoft yakaburitsa yakaparadzaniswa blog post nezve matatu TCP / IP anoshandisa: CVE-2021-24074, CVE-2021-24094, uye CVE-2021-24086. Iwo maviri ekutanga akakosha Remote Code Kuitwa (RCE) zvikanganiso. Microsoft inoti dzakaomarara uye kuti zvingave zvakaoma kugadzira mabasa ekushanda. Asi kunyange zvingave zvichireva kuti mune mapfupi-nguva mahabhu asingakwanise kushandisa zvombo, iwe unofanirwa kugadzirisa masisitimu ako nekukurumidza sezvazvinogona. Chikamu chechitatu ndechekuramba kweDenial of Service (DoS) uye zviri nyore kushandisa.

Microsoft inokurudzira kuendesa CU yaFebruary ye Windows 10 uye Windows Server mwedzi uno. Kune masangano asingakwanise kuisa chigamba ipapo ipapo, yega yega CVE inotsanangudza yekushandira isingade maseva anotangazve.

Shanduko, SQL, uye SharePoint Server

Exchange Server 2016 ne2019 vanowana maviri ekuvandudza, ese ari maviri akayerwa akakosha. CVE-2021-24085 kushupika kwekushupika uko kunogona kurega varwisi vakavimbika voburitsa faira resaiti, zvichikonzera kugadzirwa kwechiratidzo cheCSRF. Uye CVE-2021-1730 kumwe kunzvenga kunetsekana asi ino nguva muInstitute Server installer.

SharePoint Server shanduro kuburikidza na2010 kusvika 2019 vanowana zvigamba zvakakosha zveRCE bugs, ruzivo rwekuzivisa kukanganisa, uye kushomeka kwekushupika.

Microsoft Office

Iyo Microsoft 365 Zvishandiso zve Enterprise (Dzvanya-Ku-Mhanya) tora matatu matamba eRCE kushomeka muExcel.

Adobe Software

Pakupedzisira, ita chokwadi chekusimudzira Adobe Reader kune yazvino vhezheni. Chinhu chakakomba buffer yekufashukira kusagadzikana (CVE-2021-21017) yatove kushandiswa musango, yakanangwa Windows vashandisi. Adobe inoti izvo kurwisa kwave kushoma. Iyo yekuvandudza ye Windows uye macOS zvigamba zvakawanda zvakakomba uye zvakakosha kudzvinyirira muAdobe Acrobat uye Adobe Reader.

The post Patch Chipiri - Kukadzi 2021 yakatanga kutanga Petri.