【漏洞预警】IE浏览器远程代码执行漏洞(CVE-2019-1367)预警通告
预警编号:NS-2019-0042
2019-09-24| TAG: | IE、远程代码执行、CVE-2019-1367 |
| 漏洞危害: | 高,攻击者利用此漏洞,可造成远程代码执行。 |
| 版本: | 1.0 |
漏洞概述
当地时间 9月 23 日,微软官方发布了一则“IE浏览器累积安全更新”,修复了Internet Explorer中的一个远程代码执行漏洞(CVE-2019-1367)。该漏洞存在于脚本引擎处理IE内存对象的过程中,攻击者可利用此漏洞制定恶意网站,当受害者使用IE访问该网站即可执行任意代码,从而获取系统控制权。
目前微软官方已经发布修复补丁,请相关用户及时进行更新。
参考链接:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367
https://support.microsoft.com/zh-cn/help/4522007/cumulative-security-update-for-internet-explorer
2影响范围
受影响版本
-
Internet Explorer 9
-
Internet Explorer 10
-
Internet Explorer 11
3漏洞防护
3.1 官方补丁
微软目前暂未通过Windows update和WSUS发布系统更新,但已发布针对该漏洞的独立安全更新程序,请受影响的用户尽快下载安装进行防护。
|
IE版本 |
操作系统 |
下载链接 |
|
Internet Explorer 9 |
Windows Server 2008 x86 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/ie9-windows6.0-kb4522007-x86_6ea5af2ab7a85143213d35a469772dddf6597f30.msu |
|
Internet Explorer 9 |
Windows Server 2008 x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/ie9-windows6.0-kb4522007-x64_2dc213cfbb9299d3fdf889d47cb6e3c5239a7bb3.msu |
|
Internet Explorer 10 |
Windows Embedded 8 Standard x86 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/windows8-rt-kb4522007-x86_f3e2d48fb666fb51706e43f38b5843d4782985f2.msu |
|
Internet Explorer 10 |
Windows Embedded 8 Standard x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/windows8-rt-kb4522007-x64_317bdd8a49ca73dd2a453a942bd9ad50bdb562c0.msu |
|
Internet Explorer 10 |
Windows Server 2012 x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/windows8-rt-kb4522007-x64_317bdd8a49ca73dd2a453a942bd9ad50bdb562c0.msu |
|
Internet Explorer 11 |
Windows Embedded Standard 7 x86 |
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/09/ie11-windows6.1-kb4522007-x86_3965a87d7f1b35a1f63b4674f207d981eeb8c178.msu |
|
Internet Explorer 11 |
Windows Embedded Standard 7 x64 |
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/09/ie11-windows6.1-kb4522007-x64_052e2af5292fce7302e2bf5bc61361859fc5de99.msu |
|
Internet Explorer 11 |
Windows 7 x86 |
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/09/ie11-windows6.1-kb4522007-x86_3965a87d7f1b35a1f63b4674f207d981eeb8c178.msu |
|
Internet Explorer 11 |
Windows 7 x64 |
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/09/ie11-windows6.1-kb4522007-x64_052e2af5292fce7302e2bf5bc61361859fc5de99.msu |
|
Internet Explorer 11 |
Windows Embedded 8 Standard x86 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/ie11-windows6.2-kb4522007-x86_8597fa798c2d53bac840403550de8ad1bf3ac97f.msu |
|
Internet Explorer 11 |
Windows Embedded 8 Standard x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/ie11-windows6.2-kb4522007-x64_7d9dc3f450940f2f6a17dab5826a8c9be9c44eac.msu |
|
Internet Explorer 11 |
Windows 8.1 x86 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/windows8.1-kb4522007-x86_af6e89eefbc44e7f0c2edb7e4653a4a2aae283e5.msu |
|
Internet Explorer 11 |
Windows 8.1 x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/windows8.1-kb4522007-x64_917ea544f0fd5ede94f2088223d6f8638341a6f9.msu |
|
Internet Explorer 11 |
Windows Server 2008 R2 x64 |
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/09/ie11-windows6.1-kb4522007-x64_052e2af5292fce7302e2bf5bc61361859fc5de99.msu |
|
Internet Explorer 11 |
Windows Server 2012 x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/ie11-windows6.2-kb4522007-x64_7d9dc3f450940f2f6a17dab5826a8c9be9c44eac.msu |
|
Internet Explorer 11 |
Windows Server 2012 R2 x64 |
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/09/windows8.1-kb4522007-x64_917ea544f0fd5ede94f2088223d6f8638341a6f9.msu |
3.2 临时缓解措施
若相关用户暂时无法安装更新,可采取以下方式对该漏洞进行临时防护。
对于32位的Windows操作系统,可使用管理员权限在命令提示符(cmd)中输入如下命令:
takeown /f %windir%\system32\jscript.dll cacls%windir%\system32\jscript.dll /E /P everyone:N
对于64位的Windows操作系统,可使用管理员权限在命令提示符(cmd)中输入如下命令:
takeown /f%windir%\syswow64\jscript.dll cacls%windir%\syswow64\jscript.dll /E /P everyone:N takeown /f%windir%\system32\jscript.dll cacls %windir%\system32\jscript.dll /E /Peveryone:N
注:上述临时缓解措施可能会导致部分系统功能受限,如果相关用户系统出现异常,或者已经安装完安全补丁,请撤销临时缓解措施,具体操作如下:
对于32位的Windows操作系统,可使用管理员权限在命令提示符(cmd)中输入如下命令:
cacls %windir%\system32\jscript.dll /E /R everyone
对于64位的Windows操作系统,可使用管理员权限在命令提示符(cmd)中输入如下命令:
cacls %windir%\system32\jscript.dll /E /R everyone cacls %windir%\syswow64\jscript.dll /E /R everyone