Windows Server 2012、2012 R2存在MotW零時差漏洞
支付動態 · 2024-12-03
資安業者0patch透露,他們在伺服器作業系統Windows Server 2012、2012 R2找到零時差漏洞,並指出這項漏洞存在可能已經超過2年
11月28日專門提供微修補的資安業者0patch指出,他們在伺服器作業系統Windows Server 2012、2012 R2發現零時差漏洞,一旦遭到利用,電腦對於來自網際網路的特定類型檔案,執行Mark of Web(MotW)安全檢查的流程,就有可能被攻擊者繞過。
根據該公司的調查,這項弱點很可能是在2年前引入Windows Server 2012,目前尚未登記CVE編號,他們已通報此事,但截至目前為止,微軟並未提供更新軟體。
而對於這項漏洞影響範圍,研究人員表示,Windows Server 2012與2012 R2已於去年10月終止支援,但即便用戶已購買延伸安全性更新(ESU)並套用,還是會曝露在這項漏洞的危險。
對此,他們在微軟正式發布修補程式之前,免費為所有使用者提供對應的0patch修補程式。不過,為了避免漏洞遭到惡意利用,研究人員暫時沒有公布進一步的細節。
熱門文章
Kazakhstan plans to penalise online casino promotions
Regulation
JILI Partners with Cricket Legend AB de Villiers (ABD) to Launch Exclusive Branded Game Series 100% 11
Sports Game
GAT CDMX 2025 Institutional Academy: Leaders and Experts Analyze the Present and Future of the Gaming Industry in Mexico and Lat
Sports Game
Vietnam's tightening online gaming policy creates new market opportunities
Southeast Asia
PropellerAds Shared a New iGaming Case Study: 97,674 Installs and 12,701 Deposits in 3 Months
Marketing
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
British gambling levy rates confirmed for each vertical
Regulation
GGC Awards 2026 Shines in Colombo: Honoring Leaders and Innovators in the iGaming Industry
HUIDU Focus
1spin4win releases unique slot Don Catleone Hold and Win featuring gangster cats
Online Game
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
SBC Summit Canada to Make Player Safety a Key Pillar of 2026 Agenda
Marketing
Online gambling, crypto pose ongoing money laundering risks in Philippines, analyst says
Southeast Asia
B2B Tech Infrastructure Gains Momentum in Philippine Gaming Sector
Southeast Asia
HUIDU Invites You to Booth T70 at iGB L!VE 2026 — Let’s Ignite London This July!
HUIDU Focus
