Bugraq ID: 36602 CVE ID:CVE-2009-2525 Windows Media Format Runtime是一款用于向使用Windows Media内容的应用程序提供信息和工具。 Microsoft Windows媒体实时处理压缩音频文件中的部分函数存在错误,如果用户打开特殊构建的文件,可导致任意代码执行。如果用户以管理员全新啊登录,攻击者成功个利用此漏洞可控制整个受此漏洞影响的系统。攻击者之后可以安装程序;查看,更改或删除数据,或以系统用户权限建立新帐户。 Microsoft Windows Media Audio Voice Decoder Microsoft DirectShow WMA Voice Codec Microsoft Audio Compression Manager 用户可以通过cacls设置对msaud32.acm的拒绝访问来临时解决此漏洞,针对Windows 2000, Windows XP和Windows Server 2003系统: For 32-bit Windows systems: Echo y| cacls %WINDIR%\system32\msaud32.acm /E /P everyone:N For 64-bit Windows systems: Echo y| cacls %WINDIR%\syswow64\msaud32.acm /E /P everyone:N 在Windows Vista和Windows Server 2008系统下: For 32-bit Windows: Takeown.exe /f "%windir%\system32\msaud32.acm" Icacls.exe "%windir%\system32\msaud32.acm " /save %TEMP%\msaud32_acm.TXT Icacls.exe "%windir%\system32\msaud32.acm " /deny everyone:(F) For 64-bit Windows systems: Takeown.exe /f "%windir%\syswow64\msaud32.acm" Icacls.exe...
Bugraq ID: 36602 CVE ID:CVE-2009-2525 Windows Media Format Runtime是一款用于向使用Windows Media内容的应用程序提供信息和工具。 Microsoft Windows媒体实时处理压缩音频文件中的部分函数存在错误,如果用户打开特殊构建的文件,可导致任意代码执行。如果用户以管理员全新啊登录,攻击者成功个利用此漏洞可控制整个受此漏洞影响的系统。攻击者之后可以安装程序;查看,更改或删除数据,或以系统用户权限建立新帐户。 Microsoft Windows Media Audio Voice Decoder Microsoft DirectShow WMA Voice Codec Microsoft Audio Compression Manager 用户可以通过cacls设置对msaud32.acm的拒绝访问来临时解决此漏洞,针对Windows 2000, Windows XP和Windows Server 2003系统: For 32-bit Windows systems: Echo y| cacls %WINDIR%\system32\msaud32.acm /E /P everyone:N For 64-bit Windows systems: Echo y| cacls %WINDIR%\syswow64\msaud32.acm /E /P everyone:N 在Windows Vista和Windows Server 2008系统下: For 32-bit Windows: Takeown.exe /f "%windir%\system32\msaud32.acm" Icacls.exe "%windir%\system32\msaud32.acm " /save %TEMP%\msaud32_acm.TXT Icacls.exe "%windir%\system32\msaud32.acm " /deny everyone:(F) For 64-bit Windows systems: Takeown.exe /f "%windir%\syswow64\msaud32.acm" Icacls.exe "%windir%\syswow64\msaud32.acm " /save %TEMP%\ msaud32_acm.TXT Icacls.exe "%windir%\syswow64\msaud32.acm " /deny everyone:(F) 微软公司已经提供安全补丁,用户可参考如下补丁程序: Microsoft Windows Media Audio Voice Decoder 0 Microsoft Security Update for 32-bit Windows Media Format Runtime 11 for Windows XP x64 Edition (KB954155) http://www.microsoft.com/downloads/details.aspx?familyid=a866a490-6d3a -4ecd-acf4-770312ba2fd6 Microsoft Security Update for 32-bit Windows Media Format Runtime 9.5 for Windows Server 2003 x64 Edition (KB9 http://www.microsoft.com/downloads/details.aspx?familyid=13ba4839-7fa9 -4bbb-95f6-3fafb6c49f20 Microsoft Security Update for 32-bit Windows Media Format Runtime 9.5 for Windows XP x64 Edition (KB954155) http://www.microsoft.com/downloads/details.aspx?familyid=4729de51-8fd8 -46c6-b4ad-9c9f25202684 Microsoft Security Update for 64-bit Windows Media Format Runtime 9.5 for Windows XP x64 Edition and Windows S http://www.microsoft.com/downloads/details.aspx?familyid=fe0d51b2-345e -4eb7-a036-d8c3f6a683d2 Microsoft Security Update for Windows Media Format Runtime 11 for Windows Server 2008 (KB954155) http://www.microsoft.com/downloads/details.aspx?familyid=2eaa9857-a147 -4f31-9bf4-b9e2cf4c15c3 Microsoft Security Update for Windows Media Format Runtime 11 for Windows Server 2008 x64 Edition (KB954155) http://www.microsoft.com/downloads/details.aspx?familyid=70aabba3-53d6 -4b52-be83-6d3f3869ecbd Microsoft Security Update for Windows Media Format Runtime 11 for Windows Vista (KB954155) http://www.microsoft.com/downloads/details.aspx?familyid=f17ee0ea-f1e2 -49f4-9f90-60296246ddfe Microsoft Security Update for Windows Media Format Runtime 11 for Windows Vista for x64-based Systems (KB95415 http://www.microsoft.com/downloads/details.aspx?familyid=26905f12-92c7 -4d45-99e7-227f03d2cb82 Microsoft Security Update for Windows Media Format Runtime 9 for Windows 2000 (KB954155) http://www.microsoft.com/downloads/details.aspx?familyid=8f850a82-61f9 -447b-a0aa-a2c192cc5d2e Microsoft Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP 2 (KB954155) http://www.microsoft.com/downloads/details.aspx?familyid=4516c219-e357 -485e-a52b-23dcb8ee49d8 Microsoft Security Update for Windows Media Format Runtime 9, 9.5 & 11 for Windows XP SP 3 (KB954155) http://www.microsoft.com/downloads/details.aspx?familyid=746d3440-5a6a -421e-9286-7b534a1dfe54 Microsoft Security Update for Windows Media Format Runtime 9.5 for Windows Server 2003 (KB954155) http://www.microsoft.com/downloads/details.aspx?familyid=00b3cb86-c9eb -4fbe-987e-2b0d94271d87 Microsoft Audio Compression Manager 0 Microsoft Security Update for Windows Media Player 9 for Windows 2000 (KB975025) http://www.microsoft.com/downloads/details.aspx?familyid=6dfd5405-cabe -4bd7-9330-b6bde1d99194 Microsoft Security Update for Windows Server 2003 (KB975025) http://www.microsoft.com/downloads/details.aspx?familyid=ab1803ff-2371 -487f-a7b6-95747c46ba4e Microsoft Security Update for Windows Server 2003 x64 Edition (KB975025) http://www.microsoft.com/downloads/details.aspx?familyid=46daf7c7-1cd3 -4f47-9c7a-d5eb6ea7327b Microsoft Security Update for Windows XP (KB975025) http://www.microsoft.com/downloads/details.aspx?familyid=6ecc7129-8caa -4daf-a8e2-8f3536225fb3 Microsoft DirectShow WMA Voice Codec 0 Microsoft Security Update for Windows 2000, Windows XP and Windows 2003 (KB969878) http://www.microsoft.com/downloads/details.aspx?familyid=4fe0dff5-04d9 -4409-8d1d-52419537126b Microsoft Security Update for Windows XP x64 Edition and Windows 2003 x64 Edition (KB969878) http://www.microsoft.com/downloads/details.aspx?familyid=c116ae9d-e416 -4b7d-be75-4b4b2ebcc33a
