Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
Bkav phat hien Lo hong bao mat windows 8

Bkav phat hien Lo hong bao mat windows 8

Ratings: (0)|Views: 21 |Likes:
Published by chard4powder
Nguoi su dung Windows 8.1 can luu y rang phien ban he dieu hanh tuong chung duoc nang cap che do bao ve len muc tuyet doi nay co mot lo hong nghiem trong vua bi mot "hacker mu trang" Viet Nam phat hien.

Theo bai trinh bay cua anh Pham Van Toan - mot "hacker mu trang" tu do - trong hoi thao WhiteHat 2013 do Phongchongvirus.com to chuc vao ngay 29/10, cac phien ban he dieu hanh Windows cua Microsoft ngay cang kho tham nhap hon. Neu muon tham nhap vao he thong cua Windows 8 hay 8.1 (phien ban cap nhat moi nhat), cac hacker se phai duong dau voi nhung phuong phap bao ve manh nhat nhu VTGuard, Heap hardening (lam cung khoi xep), Force ASLR hoac High Entropy ASLR (ASLR la viet tat cua “Address space layout randomization” - “Ngau nhien hoa cach xep cho vung dia chi”).

The nhung, Microsoft lai de lo mot yeu huyet khi co gang tich hop san phan mem Adobe Flash Player vao Internet Explorer 10 (IE 10), mot trinh duyet web than thuoc cua Windows 8.

Khi tien hanh phan tich doan ma nguon cua Flash, anh Toan phat hien ra phan mem nay khi hoat dong luon su dung mot dia chi o nho duy nhat la 0d0d0000 (he thap luc phan). Diem yeu nay lam cho ky thuat ngau nhien hoa vung dia chi ASLR “giam di mot nua suc manh” vi tu do hacker co the lan ra het cac o dia chi khac de chay ma nguon virus va rootkit (phan mem an giau virus).

Trong bai dien thuyet, “hacker mu trang” nay cung chay thu mot kieu virus: khi nguoi dung su dung IE 10 vo y truy cap vao mot trang web cua ke tan cong thi phan mem tinh toan Calculator bong nhien bat ra. Do chi la mo phong con trong cac cuoc tan cong thuc te, thay cho Calculator se la cac loai virus va rootkit duoc kich hoat va phat tan.

Truoc day, cung co mot su viec gan nhu tuong tu vao nam 2008 khi Trung tam an ninh mang Bkis cua Bkav phat hien ra lo hong nguy hiem tren trinh duyet Chrome cua Google, chi vai ngay sau lan trinh duyet nay ra doi. Chien tich cua Bkis duoc Google cong nhan bang mot phan thuong 1.000 USD. Microsoft cung tung thua nhan va phat hanh ban va Windows Media Encoder voi 1 trong 4 lo hong nghiem trong va do Bkis canh bao.

Duoc biet, truoc khi phat hanh Windows 8.1, Microsoft co treo thuong len den 100.000 USD cho ai chi ra cach vuot rao va chay ma nguon virus.

Con doi voi nguoi dung, truoc khi cho Microsoft xem lai va phat hanh ban va, ho can de chung khi su dung Flash tren IE. Bkav cho biet ho da chuan bi tinh than ho tro cac nan nhan, dac biet la nhung doanh nghiep quy mo lon, neu gap phai virus tham nhap qua lo hong Flash, tuy vao viec ke tan cong su dung lo hong noi tren nhu the nao…
Nguoi su dung Windows 8.1 can luu y rang phien ban he dieu hanh tuong chung duoc nang cap che do bao ve len muc tuyet doi nay co mot lo hong nghiem trong vua bi mot "hacker mu trang" Viet Nam phat hien.

Theo bai trinh bay cua anh Pham Van Toan - mot "hacker mu trang" tu do - trong hoi thao WhiteHat 2013 do Phongchongvirus.com to chuc vao ngay 29/10, cac phien ban he dieu hanh Windows cua Microsoft ngay cang kho tham nhap hon. Neu muon tham nhap vao he thong cua Windows 8 hay 8.1 (phien ban cap nhat moi nhat), cac hacker se phai duong dau voi nhung phuong phap bao ve manh nhat nhu VTGuard, Heap hardening (lam cung khoi xep), Force ASLR hoac High Entropy ASLR (ASLR la viet tat cua “Address space layout randomization” - “Ngau nhien hoa cach xep cho vung dia chi”).

The nhung, Microsoft lai de lo mot yeu huyet khi co gang tich hop san phan mem Adobe Flash Player vao Internet Explorer 10 (IE 10), mot trinh duyet web than thuoc cua Windows 8.

Khi tien hanh phan tich doan ma nguon cua Flash, anh Toan phat hien ra phan mem nay khi hoat dong luon su dung mot dia chi o nho duy nhat la 0d0d0000 (he thap luc phan). Diem yeu nay lam cho ky thuat ngau nhien hoa vung dia chi ASLR “giam di mot nua suc manh” vi tu do hacker co the lan ra het cac o dia chi khac de chay ma nguon virus va rootkit (phan mem an giau virus).

Trong bai dien thuyet, “hacker mu trang” nay cung chay thu mot kieu virus: khi nguoi dung su dung IE 10 vo y truy cap vao mot trang web cua ke tan cong thi phan mem tinh toan Calculator bong nhien bat ra. Do chi la mo phong con trong cac cuoc tan cong thuc te, thay cho Calculator se la cac loai virus va rootkit duoc kich hoat va phat tan.

Truoc day, cung co mot su viec gan nhu tuong tu vao nam 2008 khi Trung tam an ninh mang Bkis cua Bkav phat hien ra lo hong nguy hiem tren trinh duyet Chrome cua Google, chi vai ngay sau lan trinh duyet nay ra doi. Chien tich cua Bkis duoc Google cong nhan bang mot phan thuong 1.000 USD. Microsoft cung tung thua nhan va phat hanh ban va Windows Media Encoder voi 1 trong 4 lo hong nghiem trong va do Bkis canh bao.

Duoc biet, truoc khi phat hanh Windows 8.1, Microsoft co treo thuong len den 100.000 USD cho ai chi ra cach vuot rao va chay ma nguon virus.

Con doi voi nguoi dung, truoc khi cho Microsoft xem lai va phat hanh ban va, ho can de chung khi su dung Flash tren IE. Bkav cho biet ho da chuan bi tinh than ho tro cac nan nhan, dac biet la nhung doanh nghiep quy mo lon, neu gap phai virus tham nhap qua lo hong Flash, tuy vao viec ke tan cong su dung lo hong noi tren nhu the nao…

More info:

Published by: chard4powder on Oct 31, 2013
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

05/08/2014

pdf

text

original

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->