Shulou(Shulou.com)06/02 Report--

Windows remote code execution vulnerability and Microsoft Excel remote code execution vulnerability example analysis, I believe that many inexperienced people do not know what to do, so this paper summarizes the causes of the problem and solutions, through this article I hope you can solve this problem.

Recently, Microsoft officially released Windows remote code execution vulnerabilities (CNNVD-201805-278, CVE-2018-8136) and Microsoft Excel remote code execution vulnerabilities (CNNVD-201805-273 and CNNVD-201805-272, CVE-2018-8147 and CVE-2018-8148). An attacker who successfully exploits a Windows remote code execution vulnerability can execute arbitrary code on the target system. Versions of MicrosoftWindows Server 2016, MicrosoftWindows Server 2012, MicrosoftWindows Server 2008, MicrosoftWindows 8.1, MicrosoftWindows 7, MicrosoftWindows 10, etc., are affected by the vulnerability.

An attacker who successfully exploits the MicrosoftExcel remote code execution vulnerability can execute arbitrary code in the current user environment, or even take complete control of the user's system if the current user logs in with administrator privileges. MicrosoftExcel 2010 Service Pack 2, MicrosoftExcel 2013Service Pack 1, MicrosoftExcel 2016, MicrosoftOffice 2010 Service Pack 2, MicrosoftOffice 2013 RT Service Pack 1, MicrosoftOffice 2013Service Pack 1, MicrosoftOffice 2016, MicrosoftOffice Compatibility Service Pack 3 and other versions are affected by the vulnerability. At present, Microsoft has officially released a patch to fix the above loophole, and users are advised to confirm whether it is affected by the vulnerability in time and take remedial measures as soon as possible.

I. introduction of loopholes

Microsoft Windows is a graphical operating system developed by Microsoft in the United States. A remote code execution vulnerability exists in the way Windows handles in-memory objects, which can be exploited by an attacker to execute arbitrary code with elevated privileges by creating a specially crafted document.

Microsoft Excel is a spreadsheet software written by Microsoft for computers using Windows and AppleMacintosh operating systems. A remote code execution vulnerability exists in Microsoft Excel due to the software's failure to properly handle objects in memory. An attacker can trigger a remote code execution vulnerability by sending a specially constructed file to the user and inducing the user to open the file.

II. Harmful effects

Windows remote code execution vulnerability, which an attacker can exploit by creating a specially crafted document to execute arbitrary code with elevated privileges. The vulnerability involves multiple versions, including Windows10 Version 1607, Windows10 Version1703, Windows10 Version 1709, Windows10 Version 1803, Windows 7 Service Pack 1, Windows 8.1, Windows RT 8.1, WindowsServer 2008 Service Pack 2, WindowsServer 2008 R2 Service Pack 1, WindowsServer 2012, WindowsServer 2012 R2, WindowsServer 2016, WindowsServer Version 1709, Windows ServerVersion 1803 and so on.

Microsoft Excel remote code execution vulnerability allows an attacker to execute code remotely, and if the current user logs in with administrator privileges, the attacker can even take complete control of the user's system, arbitrarily install programs, change or delete data, create administrator accounts, and so on. The vulnerability involves multiple versions, including MicrosoftExcel 2010 Service Pack 2, MicrosoftExcel 2013Service Pack 1, MicrosoftExcel 2016, MicrosoftOffice 2010 Service Pack 2, MicrosoftOffice 2013 RT Service Pack 1, MicrosoftOffice 2013Service Pack 1, MicrosoftOffice 2016, MicrosoftOffice Compatibility Service Pack 3, and so on.

III. Suggestions for restoration

At present, Microsoft has officially released a patch to fix the above loophole, and users are advised to confirm whether it is affected by the vulnerability in time and take remedial measures as soon as possible.

Microsoft's official link address is as follows:

Vulnerability name, number, patch address, 1Windows remote code execution vulnerability CNNVD-201805-278, CVE-2018-8136 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-81362Microsoft Excel remote code execution vulnerability CNNVD-201805-273, CVE-2018-8147 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8147CNNVD-201805-272, After reading the above content, CVE-2018-8148 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8148 Have you mastered the method of example analysis of Windows remote code execution vulnerability and Microsoft Excel remote code execution vulnerability? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.