中心公告
2021/04/19
漏洞預警:
VMware vCenter存在安全漏洞(CVE-2021-21985~ 21986),允許攻擊者遠端執行任意程式碼,請儘速確認並進行更新
內容說明:
研究人員發現VMware vCenter存在安全漏洞(CVE-2021-21985~21986),遠端攻擊者可使用vSphere客戶端軟體(HTML5)藉由埠號443發送特定格式封包,利用此漏洞進而執行任意程式碼。
影響平台:
vCenter Server 7.0版本至7.0 U2b版本(不包含)
vCenter Server 6.7版本至6.7 U3n版本(不包含)
vCenter Server 6.5版本至6.5 U3p版本(不包含)
Cloud Foundation (vCenter Server) 4.0版本至4.2.1版本(不包含)
Cloud Foundation (vCenter Server) 3.0版本3.10.2.1版本(不包含)
建議措施:
VMware官方已發布平台修補版本並提供解決方案,請各機關聯絡設備維護廠商或參考以下網址進行更新:
1. https://www.vmware.com/security/advisories/VMSA-2021-0010.html
2. https://kb.vmware.com/s/article/83829
參考資料:
1. https://www.vmware.com/security/advisories/VMSA-2021-0010.html
2. https://kb.vmware.com/s/article/83829
2021/04/19
漏洞預警:
Adobe Acrobat與Reader應用程式存在多個安全漏洞,允許攻擊者遠端執行任意程式碼,請儘速確認並進行更新
內容說明:
Adobe釋出的安全性公告中提出Adobe Acrobat與Reader存在下列多項漏洞,攻擊者可藉由誘騙使用者點擊含有惡意程式碼之連結或檔案,進而利用漏洞執行任意程式碼。
1. 越界寫入(Out-of-Bounds Write)漏洞:CVE-2021-28564、CVE-2021-21044、CVE-2021-21038及CVE-2021-21086。
2. 越界讀取(Out-of-Bounds Read) 漏洞:CVE-2021-28555、CVE-2021-28557及CVE-2021-28565。
3. 使用釋放後記憶體(Use After Free) 漏洞:CVE-2021-28550、CVE-2021-28553及CVE-2021-28562。
4. 堆積型緩衝區溢位(Heap-based Buffer Overflow) 漏洞:CVE-2021-28558與CVE-2021-28560。
5. 緩衝區溢位(Buffer Overflow) 漏洞:CVE-2021-28561。
6. 暴露私人資訊(Exposure of Private Information) 漏洞:CVE-2021-28559。
影響平台:
以下所有程式之Windows與MacOS版本:
1.Continuous track versions:
•Acrobat DC Continuous track
Windows:versions 2021.001.20150(含)以前版本
MacOS:versions 2021.001.20149(含)以前的版本
•Acrobat Reader DC Continuous track
Windows:versions 2021.001.20150(含)以前的版本
MacOS:versions 2021.001.20149(含)以前的版本
2.Classic 2017 versions:
•Acrobat 2017 Classic 2017 versions 2017.011.30194(含)以前版本
•Acrobat Reader 2017 Classic 2017 versions 2017.011.30194(含)以前版本
3. Classic 2020 versions:
•Acrobat 2020 Classic 2020 versions 2020.001.30020(含)以前版本
•Acrobat Reader 2020 Classic 2020 versions 2020.001.30020(含)以前版本
建議措施:
1.請確認電腦目前使用版本,若為上述影響版本,請儘速更新至以下版本,檢查方式:啟動Acrobat或Reader程式,點選「說明」→「關於」,確認版本後可點選「說明」→「檢查更新」安裝更新程式。
2. Windows與MacOS版本亦可至下列網址進行更新:
(1)Continuous track version更新至2021.001.20155以後版本:
Acrobat DC:https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotesDC/index.html#continuous-track
Acrobat Reader DC:https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotesDC/index.html#continuous-track
(2)Classic 2017 versions更新至2017.011.30196 以後版本:
Acrobat 2017:https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotesDC/index.html#id3
Acrobat Reader 2017:https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotesDC/index.html#id3
(3) Classic 2020 versions更新至2020.001.30025以後版本:
Acrobat 2020:https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotesDC/index.html#classic-track
Acrobat Reader 2020:https://www.adobe.com/devnet-docs/acrobatetk/tools/ReleaseNotesDC/index.html#classic-track
參考資料:
1. https://helpx.adobe.com/security/products/acrobat/apsb21-29.html
2. https://thehackernews.com/2021/05/alert-hackers-exploit-adobe-reader-0.html
3. https://www.ithome.com.tw/news/144348
2021/04/19
漏洞預警:
微軟Hyper-V、HTTP通訊協定堆疊及Object Linking and Embedding(OLE)存在安全漏洞(CVE-2021-28476、CVE-2021-31166及CVE-2021-31194),允許攻擊者遠端執行任意程式碼,請儘速確認並進行更新
內容說明:
微軟Hyper-V、HTTP通訊協定堆疊及Object Linking and Embedding(OLE)存在安全漏洞(CVE-2021-28476、CVE-2021-31166及CVE-2021-31194),可能遭遠端攻擊者藉由發送特製封包或誘騙受害者存取特製網頁,進而利用漏洞執行任意程式碼。。
影響平台:
受影響版本如下:
CVE-2021-28476:
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for x64-based systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
CVE-2021-31166:
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
CVE-2021-31194:
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows 8.1 for x64-based systems
Windows RT 8.1
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows Server, version 2004 (Server Core installation)
Windows Server, version 20H2 (Server Core Installation)
建議措施:
目前微軟官方已針對此漏洞釋出更新程式,請各機關聯絡設備維護廠商或參考以下網址進行更新:
1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28476
2. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31166
3. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31194
參考資料:
1. https://www.ithome.com.tw/news/144350
2. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28476
3. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31166
4. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31194
2021/04/25
主旨:
漏洞預警:
微軟Microsoft Exchange Server存在安全漏洞(CVE-2021-28480~28483),允許攻擊者遠端執行任意程式碼,請儘速確認並進行更新
內容說明:
研究人員發現Microsoft Exchange Server因輸入驗證不正確而導致存在安全漏洞(CVE-2021-28480~28483),遠程攻擊者可藉由發送特製請求,利用此漏洞進而執行任意代碼。
影響平台:
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Exchange Server 2019
建議措施:
目前微軟官方已針對此漏洞釋出更新程式,請各機關聯絡設備維護廠商或參考以下網址進行更新:
1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28480
2. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28481
3. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28482
4. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28483
參考資料:
1. https://thehackernews.com/2021/04/nsa-discovers-new-vulnerabilities.html
2. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28480
3. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28481
4. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28482
5. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28483
6. https://www.cybersecurity-help.cz/vdb/SB2021041327
2021/04/19
漏洞預警:
Google Chrome與Microsoft Edge瀏覽器存在安全漏洞(CVE-2021-21194~21199),允許攻擊者遠端執行任意程式碼,請儘速確認並進行更新
內容說明:
研究人員發現Google Chrome與Microsoft Edge(基於Chromium)瀏覽器存在安全漏洞(CVE-2021-21194~21199),攻擊者可藉由誘騙受害者存取特製網頁,利用此漏洞進而遠端執行任意程式碼。
影響平台:
Google Chrome 89.0.4389.114 (不含)以前版本
Microsoft Edge 89.0.774.68 (不含)以前版本
建議措施:
請更新Google Chrome瀏覽器至89.0.4389.114以後版本,更新方式如下:
1.開啟瀏覽器,於網址列輸入chrome://settings/help,瀏覽器將執行版本檢查與自動更新。
2.點擊「重新啟動」完成更新。
請更新Microsoft Edge瀏覽器至89.0.774.68以後版本,更新方式如下:
1.開啟瀏覽器,於網址列輸入edge://settings/help,瀏覽器將執行版本檢查與自動更新。
2.點擊「重新啟動」完成更新。
參考資料:
1. https://www.ithome.com.tw/news/143851
2. https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html
3. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21194
4. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21195
5. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21196
6. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21197
7. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21198
8. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-21199