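Microsoft has still not released an update to patch this, but many hackers online are already exploiting this vulnerability to download trojans.
Worse still, some are using this vulnerability to download "Maiying" (麦英), which is even nastier than "Panda" (熊猫) and "Weijin" (围巾) -->
Duba analysis -> http://vi.duba.net/index.php?COD ... mp;action=viewgraph
CISRT analysis --> http://www.cisrt.org/blog/read.php?304
I hope everyone updates the patch promptly to avoid unnecessary losses.
The Windows vulnerability has only just been disclosed, and someone has already used it to build an ANI web-trojan generator. Microsoft's patch is not out yet; please apply a patch promptly.
Third-party organization eEye Digital Security - Windows ANI Zero-Day With eEye Patch. Everyone, apply this patch first!!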

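Yesterday we reported that a Windows .ANI animation can send Windows Vista into an endless Explorer crash loop. Microsoft has now confirmed the problem and is working on a solution, but the third-party security organization eEye got there first and has provided a third-party patch. This is not the first time they have released a patch ahead of Microsoft; as for its quality, feel free to look into it yourselves.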
EEYEZD-20070328
Common Name: Windows .ANI Processing
Date Disclosed: 3/28/2007
Expected Patch Release: Unknown
Vendor: Microsoft
Application: Microsoft Windows 2000, Microsoft Windows XP, Microsoft Windows Server 2003, Microsoft Windows Vista
Patch Location: Download Now!
Patch Version: 1.0
Patch Source Code: View
This patch is released without any warranty and eEye Digital Security makes no guarantees or accepts any liability associated with the installation of this patch. This patch is copyright 2007 eEye Digital Security and is released with no support.
This temporary patch is being released free of charge for users. This patch addresses the issue as explained in Microsoft Security Advisory 935423 which is available here:
http://www.microsoft.com/technet/security/advisory/935423.mspx
Users who install this patch should note:
· This patch is a temporary fix and should be removed before the official Microsoft patch is installed.
· It is recommended that users test this patch thoroughly before installing.
· This patch only supports Windows 2000, Windows XP, Windows Server 2003 and Windows Vista.
· This patch will not work on x64 or Itanium architectures.
· To install silently run this command:
WindowsANIZeroDayPatchSetup.exe /qn
· To uninstall silently run this command:
msiexec /qn /x {DFEF2523-72D0-483F-A1C2-FC29B71B166A}
· This patch includes a checker that will uninstall itself when it detects a Microsoft patch has been installed. To disable the checker, run the installation with this command line (command is case-sensitive): WindowsANIZeroDayPatchSetup.exe NOCHECKER=1
More information is available at:
http://research.eeye.com/html/alerts/zeroday/20070328.html
For support, bug reports, and feedback please email:
skunkworks@eeye.com