Shulou(Shulou.com)05/31 Report--

Today, I would like to talk to you about how CVE-2020-0852 and CVE-2020-0796 vulnerability attacks are carried out, which may not be well understood by many people. in order to make you understand better, the editor has summarized the following contents for you. I hope you can get something according to this article.

About CVE-2020-0852:

There is a remote arbitrary program code execution vulnerability in Microsoft Office Word that can be triggered when memory fails to handle objects properly. Attackers can tailor a file to attack current users, for example, the file can use the permissions of the logged-in user to perform certain actions.

To trigger this vulnerability, the attacker needs to open a specially crafted attack Word file through the Office version of the vulnerability. For attack scenarios used in e-mail, attackers can send this file directly to the target, and then trick the target to open it by means of social engineering. Of course, the attacker can also trick the target to click on a malicious hyperlink and then connect to a special or hacked website. lure the target to download and open the malicious file. It is important to note that this vulnerability can be triggered through Outlook's preview interface.

About CVE-2020-0796:

Windows 10Version 1903, WindowsServer Version 1903 (Server Core Installation), Windows10 Version 1909, and WindowsServer Version 1909 and SMBv3-enabled Windows 8 and WindowsServer 2012 are all affected by this vulnerability. An attacker can use a specially crafted packet to attack a server with this vulnerability and SMBv3 service enabled to gain full control of the server. In addition, CVE-2020-0796 is a wormable vulnerability.

Before Microsoft releases the patch, it is recommended to use the firewall function to turn off and restrict the use of SMBv3 and network port 445.

After reading the above, do you have any further understanding of how CVE-2020-0852 and CVE-2020-0796 vulnerabilities are carried out? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.