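CVE-2022-30190: a high-severity vulnerability affecting all Windows systems
Microsoft recently disclosed a high-severity zero-day vulnerability, CVE-2022-30190, code-named Follina. It can be used to carry out remote attacks against Windows systems, and it affects all current Windows versions.
Before it was publicly disclosed, the vulnerability had already been exploited privately by attackers for quite some time. In fact, back in April a group called Shadow Chaser Group had discovered it and reported it to Microsoft, demonstrating that it was already being widely exploited. Microsoft did not take it seriously at the time and simply tagged it as "not a security-related issue". Only recently, as the situation grew more serious, did Microsoft close the vulnerability submission report on the grounds that a remote code execution vulnerability exists, and formally assign the vulnerability a name and number.
Microsoft has not yet released a patch for this vulnerability, but it has provided a temporary workaround: disabling the MSDT feature through the registry. The procedure is simple; here it is.
1. Open cmd as administrator
If you are not sure how to do this, see this site's article "Several ways to open cmd as administrator".
2. Back up the registry key by running the following command in the command window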
reg export HKEY_CLASSES_ROOT\ms-msdt C:\msdt_reg_backup.reg
3. Disable MSDT
reg delete HKEY_CLASSES_ROOT\ms-msdt /f
[Screenshot: the complete command sequence]
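The three steps above can be wrapped in a script that refuses to delete the key unless the backup actually succeeded. The following PowerShell script is an added example, not part of the original article; its parameter and function names are assumptions, and its Restore action uses reg import to re-import the backup file from step 2, which the article itself does not show.

```powershell
# Added example (not from the article): check, apply or roll back the workaround.
param(
    [ValidateSet('Status', 'Apply', 'Restore')]
    [string]$Action = 'Status',
    [string]$BackupPath = 'C:\msdt_reg_backup.reg'   # same file as step 2
)

$KeyReg = 'HKEY_CLASSES_ROOT\ms-msdt'   # key name as reg.exe expects it
$KeyPs  = "Registry::$KeyReg"           # same key via the registry provider

function Test-IsAdmin {
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    ([Security.Principal.WindowsPrincipal]$id).IsInRole(
        [Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-MsdtHandlerState {
    if (Test-Path -LiteralPath $KeyPs) { 'present' } else { 'removed' }
}

if ($Action -ne 'Status' -and -not (Test-IsAdmin)) {
    throw 'Run this from an elevated (administrator) session.'
}

switch ($Action) {
    'Status' { "ms-msdt handler key: $(Get-MsdtHandlerState)" }
    'Apply' {
        if ((Get-MsdtHandlerState) -eq 'removed') { 'Key already removed.'; break }
        # Refuse to overwrite an earlier backup: it may be the only good copy.
        if (Test-Path -LiteralPath $BackupPath) { throw "Backup already exists: $BackupPath" }
        reg.exe export $KeyReg $BackupPath | Out-Null
        $ok = ($LASTEXITCODE -eq 0) -and (Test-Path -LiteralPath $BackupPath) -and
              ((Get-Item -LiteralPath $BackupPath).Length -gt 0)
        if (-not $ok) { throw 'Backup failed; the key was NOT deleted.' }
        reg.exe delete $KeyReg /f | Out-Null
        if ((Get-MsdtHandlerState) -ne 'removed') { throw 'Delete failed; key still present.' }
        "Key removed. Backup saved to $BackupPath"
    }
    'Restore' {
        if (-not (Test-Path -LiteralPath $BackupPath)) { throw "No backup at $BackupPath" }
        reg.exe import $BackupPath
        if ((Get-MsdtHandlerState) -ne 'present') { throw 'Import ran but key is missing.' }
        "Key restored from $BackupPath"
    }
}
```

Run it with -Action Status first to confirm whether the key is present, and use -Action Restore once a patch has been installed.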
Affected versions:
Windows RT 8.1
Windows 8.1
  x64-based systems
  32-bit systems
Windows 7
  x64-based Systems Service Pack 1
  32-bit Systems Service Pack 1
Windows 10
  1607 for x64-based Systems
  1607 for 32-bit Systems
  x64-based Systems
  32-bit Systems
  21H2 for x64-based Systems
  21H2 for ARM64-based Systems
  21H2 for 32-bit Systems
  20H2 for ARM64-based Systems
  20H2 for 32-bit Systems
  20H2 for x64-based Systems
  21H1 for 32-bit Systems
  21H1 for ARM64-based Systems
  21H1 for x64-based Systems
  1809 for ARM64-based Systems
  1809 for x64-based Systems
  1809 for 32-bit Systems
Windows 11
  ARM64-based Systems
  x64-based Systems
Windows Server
  2012 R2 (Server Core installation)
  2012 R2
  2012 (Server Core installation)
  2012
  2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  2008 R2 for x64-based Systems Service Pack 1
  2008 for x64-based Systems Service Pack 2 (Server Core installation)
  2008 for x64-based Systems Service Pack 2
  2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  2008 for 32-bit Systems Service Pack 2
  2016 (Server Core installation)
  2016
  20H2 (Server Core Installation)
  2022 Azure Edition Core Hotpatch
  2022 (Server Core installation)
  2019 (Server Core installation)
  2019
Microsoft's official link: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-30190