Menu
Close Menu

Kinh tế số

Đẩy mạnh chuyển đổi số trong khu vực kinh tế hợp tác, hợp tác xã

Bất động sản

Ách tắc nguồn cung, giá cát xây dựng ở Quảng Ngãi tăng đột biến.

Chứng khoán

Chuyển giao Vinapharm từ Bộ Y tế sang SCIC

Tiêu & dùng

Balenciaga là thương hiệu thời trang quyền lực nhất thế giới quý 3/2021

Chứng khoán

FinaTics – Giới thiệu chứng khoán sàn FinaTics

Tiêu & dùng

BST Burberry Thu – Đông 2022: hiện thực trong thế giới hỗn loạn

Cảnh báo 8 lỗ hổng bảo mật của Microsoft có thể cho phép tấn công mã độc từ xa

Posted By sanfiname Posted On Comment (1761)

Cảnh báo 8 lỗ hổng bảo mật của Microsoft có thể cho phép tấn công mã độc từ xa


Cục An toàn thông tin – Bộ Thông tin và Truyền thông vừa cảnh báo về các lỗ hổng bảo mật mức cao trong những sản phẩm Microsoft công bố tháng 3/2022 gửi tới đơn vị chuyên trách về công nghệ thông tin ở các bộ, cơ quan ngang bộ, cơ quan thuộc Chính phủ; Sở Thông tin và Truyền thông các tỉnh, thành phố trực thuộc Trung ương; các tập đoàn, tổng công ty nhà nước; các ngân hàng, tổ chức tài chính và hệ thống đơn vị chuyên trách về an toàn thông tin. 

Cơ quan này đã khuyến cáo, ngày 8/3, Microsoft đã phát hành danh sách bản vá tháng 3 với 71 lỗ hổng bảo mật. Trong 71 lỗ hổng mới được Microsoft công bố và phát hành bản vá, Cục An toàn thông tin đề nghị các cơ quan, đơn vị, doanh nghiệp đặc biệt chú ý 8 lỗ hổng bảo mật có mức ảnh hưởng cao.

Cụ thể, 2 lỗ hổng bảo mật CVE-2022-21990, CVE-2022-23285 tồn tại trong Remote Desktop Client cho phép đối tượng tấn công thực thi mã từ xa. Cùng có điểm CVSS là 8.8, hai lỗ hổng bảo mật này đến các máy dùng Windows Server 2008/2012/2016/2019/2022, Windows 10/8.1/7. Các lỗ hổng đã có mã khai thác được công bố rộng rãi trên Internet.

Ngoài ra, trong bản Windows Server 2008/2012/2016/2019/2022 và Windows 11/10/8.1/7, lỗ hổng bảo mật CVE-2022-24459 trong Windows Fax và Scan Service cho phép đối tượng tấn công thực hiện tấn công leo thang đặc quyền.

Lỗ hổng bảo mật CVE-2022-24508 trong SMBv3 cho phép đối tượng tấn công thực thi mã từ xa trên Windows SMBv3 Client/Server. Lỗ hổng này ảnh hưởng đến các máy dùng Windows 10/11, Windows Server 2022.

Bên cạnh đó, lỗ hổng bảo mật CVE-2022-23277 trong Microsoft Exchange Server cho phép đối tượng tấn công thực thi mã từ xa với tài khoản xác thực hợp lệ; ảnh hưởng các máy dùng Microsoft Exchange Server 2019/2016/2013.

Đồng thời, lỗ hổng bảo mật CVE-2022-21967 tồn tại trong Xbox Live Auth Manager for Windows cho phép đối tượng tấn công thực hiện tấn công leo thang đặc quyền.

Trong khi đó, lỗ hổng bảo mật CVE-2022-22006 trong HEVC Video Extensions cho phép đối tượng tấn công thực thi mã từ xa; và lỗ hổng bảo mật CVE-2022-24501 trong VP9 Video Extensions cũng cho phép đối tượng tấn công thực thi mã từ xa.

Trước đó, Trung tâm Giám sát an toàn không gian mạng quốc gia (NCSC) thuộc Cục An toàn thông tin, Bộ Thông tin và Truyền thông cũng vừa cảnh báo các cơ quan, tổ chức về lỗ hổng bảo mật mới trong Linux Kernel. Linux Kernel là thành phần cốt lõi trong hệ điều hành Linux đã được sử dụng khá phổ biến tại Việt Nam.

Lỗ hổng bảo mật CVE-2022-0847 trong Linux Kernel cho phép đối tượng tấn công có thể ghi đè lên tệp trong hình ảnh container với tài khoản người dùng chỉ có quyền đọc (read-only), từ đó có thể thực hiện leo thang đặc quyền.

Hiện tại, lỗ hổng “CVE-2022-0847” tồn tại trong Linux Kernel đã có mã khai thác công bố rộng rãi trên Internet, trong khi đó chưa có biện pháp giảm thiểu nào cho lỗ hổng. Vì vậy, để đảm bảo an toàn thông tin cho hệ thống thông tin, các cơ quan, tổ chức cần cập nhật sớm bản vá.

Để đảm bảo an toàn thông tin cho hệ thống thông tin của các cơ quan, tổ chức, doanh nghiệp, từ đó góp phần bảo đảm an toàn cho không gian mạng Việt Nam, Cục An toàn thông tin khuyến nghị các đơn vị kiểm tra, rà soát, xác định máy sử dụng hệ điều hành Windows có khả năng bị ảnh hưởng; thực hiện cập nhật bản vá kịp thời để tránh nguy cơ bị tấn công.

Đặc biệt, các cơ quan, tổ chức, doanh nghiệp cần tăng cường giám sát và sẵn sàng phương án xử lý khi phát hiện có dấu hiệu bị khai thác, tấn công mạng; đồng thời theo dõi kênh cảnh báo của các cơ quan chức năng và các tổ chức lớn về an toàn thông tin để phát hiện kịp thời nguy cơ tấn công mạng.

Facebook Comments Box
Post Views: 4.199

Tags:

Comments (1761)

  • at most, and he could easily break through and become a witch, and the witch worm he had in his hands was only a ghost face viagra blue vision Methods Pure monolayers of retinal pigment epithelium RPE derived from human induced pluripotent stem cells hiPSCs harboring patient specific BEST1 mutations were cultured using protocols established by our lab

  • [url=https://nationalpharmacygroup.net/]ez pharmacy[/url] [url=https://fluoxetine.company/]buy prozac online[/url] [url=https://wellbutrin.directory/]wellbutrin xl[/url] [url=https://citalopramcelexa.shop/]celexa uk[/url] [url=https://ciprofloxacin.lol/]buy cipro[/url] [url=https://synthroid.pics/]price of synthroid 75 mcg[/url]

  • [url=https://tamoxifen247.com/]buy nolvadex online india[/url] [url=https://gabapentinx.com/]neurontin rx[/url] [url=https://sildenafilkamagra.shop/]how to purchase viagra online in india[/url] [url=https://acyclovir.wtf/]buy zovirax cream australia[/url]

  • [url=http://sildenafilkamagra.shop/]viagra tablet online purchase[/url] [url=http://thebarepharmacy.com/]pharmacy home delivery[/url] [url=http://augmentinp.com/]amoxicillin 250mg cost[/url] [url=http://plavix.cyou/]clopidogrel brand name[/url] [url=http://stratteratabs.online/]strattera 18 mg buy online[/url]

  • [url=http://dexamethasone.pics/]dexamethasone 24[/url] [url=http://synthroid.pics/]synthroid 132 mg[/url] [url=http://fluoxetines.com/]how to get prozac uk[/url] [url=http://acyclovir.wtf/]acyclovir tablets over the counter[/url] [url=http://paxil.company/]paxil generic cost[/url] [url=http://tamoxifena.online/]nolvadex 20 mg[/url] [url=http://baclofentabs.quest/]buying baclofen online[/url] [url=http://ciprofloxacin.lol/]cost of cipro[/url]

  • [url=https://baclofentabs.quest/]baclofen prescription cost[/url] [url=https://nationalpharmacygroup.net/]pharmacy canadian superstore[/url] [url=https://cymbalta.digital/]cymbalta mexico[/url]

  • [url=http://ulasix.online/]buy lasix cheap[/url] [url=http://mex-pharmacy.com/]canada pharmacy 24h[/url] [url=http://buycytotec.life/]misoprostol over the counter[/url] [url=http://dexamethasone.pics/]dexamethasone 8 mg tablets[/url] [url=http://zoloft.charity/]zoloft 1000mg[/url]

  • [url=http://celexatabs.com/]citalopram 10mg buy[/url] [url=http://plavix.cyou/]clopidogrel generic[/url] [url=http://sumycintetracycline.online/]tetracycline 500 mg capsule[/url] [url=http://mex-pharmacy.com/]us pharmacy no prescription[/url] [url=http://zoloft.charity/]zoloft where to buy[/url] [url=http://gabapentin.men/]neurontin 3[/url] [url=http://stratteratabs.online/]cost of strattera 40 mg[/url] [url=http://nationalpharmacygroup.net/]canadien pharmacies[/url]

  • propecia finapil Cancer risk Clomid clomiphene, made by Hoechst, is a fertility drug that acts upon the pituitary gland so that it increases the hormones involved in ovulation called LH and FSH, which results in a tremendous increase in ovarian activity

  • [url=http://wellbutrin.directory/]wellbutrin 10 mg[/url] [url=http://dexamethasone247.com/]4 dexamethasone[/url] [url=http://finpecia.company/]propecia medicine price in india[/url]

  • [url=http://gabapentin.men/]neurontin cost uk[/url] [url=http://tamoxifena.online/]tamoxifen order[/url] [url=http://trazodone.gives/]trazodone 100mg[/url] [url=http://fluoxetines.com/]over the counter prozac uk[/url] [url=http://zoloft.charity/]average cost of generic zoloft[/url]

  • The elders began to discuss, street street value for blood pressure medicine value for blood pressure medicine and street value for blood pressure medicine things to lower my blood pressure a considerable number of elders looked at the angry elder Sarah suspiciously buy clomid for men online Doxylamine succinate is a white to creamy white powder that is very soluble in water and alcohol, freely soluble in chloroform and very slightly soluble in ether and benzene

  • This is really interesting, You’re a very skilled blogger. I’ve joined your feed and look forward to seeking more of your magnificent post. Also, I’ve shared your site in my social networks!

  • naturally like your web site however you need to take a look at the spelling on several of your posts. A number of them are rife with spelling problems and I find it very bothersome to tell the truth on the other hand I will surely come again again.

  • I think this post makes sense and really helps me, so far I’m still confused, after reading the posts on this website I understand.

  • I’m often to blogging and i really appreciate your content. The article has actually peaks my interest. I’m going to bookmark your web site and maintain checking for brand spanking new information.

  • That’s good, but I still don’t understand the purpose of this page posting, no or what and where do they get material like this.

  • Hi there to all, for the reason that I am genuinely keen of reading this website’s post to be updated on a regular basis. It carries pleasant stuff.

  • You’re so awesome! I don’t believe I have read a single thing like that before. So great to find someone with some original thoughts on this topic. Really.. thank you for starting this up. This website is something that is needed on the internet, someone with a little originality!

  • Hi there to all, for the reason that I am genuinely keen of reading this website’s post to be updated on a regular basis. It carries pleasant stuff.

  • I am truly thankful to the owner of this web site who has shared this fantastic piece of writing at at this place.

  • Recent evidence supports a reduction in numerous biomarkers of endometrial cancer with weight loss buying cialis online safely Of course, to say that they like her very Anderson siddha medicine for type 1 diabetes in tamil much, it must not exist

  • That’s good, but I still don’t understand the purpose of this page posting, no or what and where do they get material like this.

  • I think this post makes sense and really helps me, so far I’m still confused, after reading the posts on this website I understand.

  • I think this post makes sense and really helps me, so far I’m still confused, after reading the posts on this website I understand.

  • Hi there to all, for the reason that I am genuinely keen of reading this website’s post to be updated on a regular basis. It carries pleasant stuff.

  • This is really interesting, You’re a very skilled blogger. I’ve joined your feed and look forward to seeking more of your magnificent post. Also, I’ve shared your site in my social networks!

  • Hi there to all, for the reason that I am genuinely keen of reading this website’s post to be updated on a regular basis. It carries pleasant stuff.

  • I am truly thankful to the owner of this web site who has shared this fantastic piece of writing at at this place.

  • I think the content you share is interesting, but for me there is still something missing, because the things discussed above are not important to talk about today.

  • This is really interesting, You’re a very skilled blogger. I’ve joined your feed and look forward to seeking more of your magnificent post. Also, I’ve shared your site in my social networks!

  • Very well presented. Every quote was awesome and thanks for sharing the content. Keep sharing and keep motivating others.

  • Hi there to all, for the reason that I am genuinely keen of reading this website’s post to be updated on a regular basis. It carries pleasant stuff.

  • This is really interesting, You’re a very skilled blogger. I’ve joined your feed and look forward to seeking more of your magnificent post. Also, I’ve shared your site in my social networks!

  • Hi there to all, for the reason that I am genuinely keen of reading this website’s post to be updated on a regular basis. It carries pleasant stuff.

  • This is really interesting, You’re a very skilled blogger. I’ve joined your feed and look forward to seeking more of your magnificent post. Also, I’ve shared your site in my social networks!

  • I’m often to blogging and i really appreciate your content. The article has actually peaks my interest. I’m going to bookmark your web site and maintain checking for brand spanking new information.

  • This is really interesting, You’re a very skilled blogger. I’ve joined your feed and look forward to seeking more of your magnificent post. Also, I’ve shared your site in my social networks!

  • Great information shared.. really enjoyed reading this post thank you author for sharing this post .. appreciated

  • I’m really enjoying the theme/design of your weblog. Do you ever run into any browser compatibility issues?
    A handful of my blog audience have complained about my blog not
    operating correctly in Explorer but looks great in Chrome.

    Do you have any tips to help fix this problem?

  • I think this post makes sense and really helps me, so far I’m still confused, after reading the posts on this website I understand.

  • I love your blog.. very nice colors & theme. Did you make this website
    yourself or did you hire someone to do it for you? Plz reply as I’m
    looking to create my own blog and would like to know where u got this from.
    thank you

  • Hi, I do believe this is an excellent website.
    I stumbledupon it 😉 I will revisit once again since i have saved as a favorite
    it. Money and freedom is the best way to change, may you be rich and continue to help other people.

  • I’m now not certain the place you are getting
    your information, however great topic. I must spend a while finding out more or understanding more.
    Thank you for great info I was on the lookout for this information for my mission.

  • No matter if some one searches for his necessary
    thing, therefore he/she wishes to be available that in detail, so that thing is
    maintained over here.

  • Very well presented. Every quote was awesome and thanks for sharing the content. Keep sharing and keep motivating others.

  • I loved as much as you will receive carried out right here.
    The sketch is attractive, your authored subject matter stylish.
    nonetheless, you command get got an impatience over that you wish be delivering the following.
    unwell unquestionably come further formerly again since exactly
    the same nearly a lot often inside case you shield this increase.

  • I’m always looking for web sites that sell real bags. I’ve purchased several bags over the last year. or simply the bags are always perfect, the shipping time is very prompt, and the communication is excellent. choose the I highly recommend this site to anyone who’s looking for real bags. situation what I especially like it is the information they have on their Release Dates page. This really helps me stay in tune with what’s going on in the world of bags.
    cheap louis vuitton online

  • If some one wishes to be updated with newest technologies afterward he
    must be go to see this website and be up to date every day.

  • Hey very nice website!! Guy .. Excellent .. Superb ..
    I will bookmark your blog and take the feeds also?
    I’m satisfied to find a lot of useful information here within the post,
    we’d like develop more strategies in this regard, thanks for sharing.
    . . . . .

  • Hey! This post could not be written any better! Reading this post reminds me of my
    good old room mate! He always kept talking about this.
    I will forward this write-up to him. Fairly certain he will have a good read.
    Many thanks for sharing!

  • Hi there every one, here every person is sharing these experience, therefore
    it’s fastidious to read this webpage, and I used to visit this blog everyday.

  • Good way of explaining, and fastidious piece of writing to obtain facts on the topic of my presentation topic, which i
    am going to deliver in college.

  • Why viewers still use to read news papers when in this technological globe the whole thing is available on web?

  • We are a group of volunteers and starting a new scheme in our community.

    Your website provided us with valuable information to work on. You
    have done a formidable job and our whole community will be grateful to you.

  • When I initially commented I clicked the “Notify me when new comments are added” checkbox and now each time a comment is added I get four e-mails with the same comment.
    Is there any way you can remove people from that
    service? Cheers!

  • Hmm is anyone else having problems with the pictures on this blog loading?

    I’m trying to figure out if its a problem on my end or if
    it’s the blog. Any feedback would be greatly appreciated.

  • Great work! This is the type of information that are supposed
    to be shared across the internet. Shame on the seek engines for no longer positioning
    this put up higher! Come on over and discuss with my web site .
    Thank you =)

  • I read this piece of writing completely concerning the resemblance of most up-to-date and preceding technologies, it’s awesome article.

  • Wow, this paragraph is nice, my sister is analyzing these kinds of
    things, thus I am going to convey her.