虚拟补丁保护的重要系统应用漏洞.pptx

Presenter NamePresenter Title Date;Windows: Microsoft Remote Desktop Protocol – Mar 2012 Apache: Armageddon Botnet Apache Killer Exploit – Mar 2012 Windows: TrueType Font (Duqu-like vuln.) – May 2012 Oracle: TNS Poison – no patch available – May 2012 Windows: XML Core Services – no patch available – June 2012 Java 7: recommendation to disable even with patch – Jan 2013 Ruby on Rails: impacting numerous websites and apps – Jan 2013;Details Tuesday, March 13, 2012 (Patch Tuesday), Microsoft Releases Security Update MS12-020 Vulnerability is rated as Critical and affects all versions of Windows (servers and desktops) in which RDP service is ON Could allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights The vulnerability is potentially wormable due to it being an unauthenticated, network-based vulnerability Microsoft sees a high likelihood of attempts to exploit the vulnerability in the next 30 days;As a member of Microsoft Active Protections Program, Trend Micro received advance information about this vulnerability March 13, 2012 (same day vulnerability is announced), Trend Micro releases Deep Security Update DSRU12-006 Next day, Trend Micro releases Intrusion Defense Firewall (IDF) update 12007 These updates provide immediate vulnerability shielding for Deep Security and OfficeScan customers Trend Micro customers can roll out the Windows patch during a regularly scheduled maintenance update;Details August 24, 2011, Apache announces a DOS vulnerability in Apache web server and acknowledges exploits in the wild Vulnerability (CVE-2011-3192) is rated as Critical and affects all versions of Apache HTTP Server Allows remote attackers to cause a denial of service (due to memory and CPU consumption) Exploit scope is even greater as Apache is integrated into many other middleware products (e.g. Oracle Application Server) August 31, 2011, Apache makes version 2.2.20 available with a patch for this vulner