{"id":949,"date":"2014-02-13T08:22:35","date_gmt":"2014-02-13T00:22:35","guid":{"rendered":"http:\/\/down.cdhaha.net\/?p=949"},"modified":"2014-02-14T16:25:19","modified_gmt":"2014-02-14T08:25:19","slug":"ms14-009-vulnerabilities-in-net-framework-could-allow-elevation-of-privilege-2916607","status":"publish","type":"post","link":"http:\/\/down.cdhaha.net\/?p=949","title":{"rendered":"MS14-009 Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2916607)"},"content":{"rendered":"<p><img decoding=\"async\" src=\"wp-content\/uploads\/2009\/02\/dotnet.gif\" alt=\".NET Framework\" title=\".NET Framework\" class=\"alignleft\" \/>\u6b64\u5b89\u5168\u66f4\u65b0\u53ef\u89e3\u51b3 Microsoft .NET Framework \u4e2d\u4e24\u4e2a\u516c\u5f00\u62ab\u9732\u7684\u6f0f\u6d1e\u548c\u4e00\u4e2a\u79d8\u5bc6\u62a5\u544a\u7684\u6f0f\u6d1e\u3002\u5982\u679c\u7528\u6237\u8bbf\u95ee\u5305\u542b\u7279\u5236 Web \u5185\u5bb9\u7684\u7279\u5236\u7f51\u7ad9\uff0c\u6700\u4e25\u91cd\u7684\u6f0f\u6d1e\u53ef\u80fd\u5141\u8bb8\u7279\u6743\u63d0\u5347\u3002\u4f46\u662f\u5728\u6240\u6709\u60c5\u51b5\u4e0b\uff0c\u653b\u51fb\u8005\u65e0\u6cd5\u5f3a\u5236\u7528\u6237\u8bbf\u95ee\u6b64\u7c7b\u7f51\u7ad9\u3002\u76f8\u53cd\uff0c\u653b\u51fb\u8005\u5fc5\u987b\u8bf1\u4f7f\u7528\u6237\u8bbf\u95ee\u88ab\u7834\u574f\u7684\u7f51\u7ad9\uff0c\u65b9\u6cd5\u901a\u5e38\u662f\u8ba9\u7528\u6237\u5355\u51fb\u7535\u5b50\u90ae\u4ef6\u6216 Instant Messenger \u6d88\u606f\u4e2d\u7684\u94fe\u63a5\u4ee5\u4f7f\u4ed6\u4eec\u94fe\u63a5\u5230\u653b\u51fb\u8005\u7684\u7f51\u7ad9\u3002<\/p>\n<p>\u5bf9\u4e8e <strong>Microsoft Windows \u53d7\u5f71\u54cd\u7248\u672c\u4e0a\u7684 Microsoft .NET Framework 1.0 Service Pack 3\u3001Microsoft .NET Framework 1.1 Service Pack 1\u3001Microsoft .NET Framework 2.0 Service Pack 2\u3001Microsoft .NET Framework 3.5\u3001Microsoft .NET Framework 3.5.1\u3001Microsoft .NET Framework 4\u3001Microsoft .NET Framework 4.5 \u548c Microsoft .NET Framework 4.5.1<\/strong>\uff0c\u6b64\u5b89\u5168\u66f4\u65b0\u7684\u7b49\u7ea7\u4e3a\u201c\u91cd\u8981\u201d\u3002<\/p>\n<p>\u8be5\u5b89\u5168\u66f4\u65b0\u901a\u8fc7\u66f4\u6b63\u5b83\u7ec8\u6b62\u7531\u5ba2\u6237\u7aef\u542f\u52a8\u7684\u8fc7\u65f6\u6216\u5df2\u5173\u95ed\u7684 HTTP \u8bf7\u6c42\u7684\u65b9\u5f0f\u3001\u6539\u8fdb\u5b83\u786e\u8ba4\u67d0\u79cd\u65b9\u6cd5\u53ef\u5b89\u5168\u6267\u884c\u4ee5\u53ca\u786e\u4fdd\u6b63\u786e\u5b9e\u65bd\u5730\u5740\u7a7a\u95f4\u5e03\u5c40\u968f\u673a\u5316 (ASLR) \u6765\u89e3\u51b3 Microsoft .NET Framework \u4e2d\u7684\u6f0f\u6d1e\u3002<br \/>\n<!--more--><\/p>\n<p>\u5efa\u8bae\u3002 \u5927\u591a\u6570\u5ba2\u6237\u5747\u542f\u7528\u4e86\u81ea\u52a8\u66f4\u65b0\uff0c\u4ed6\u4eec\u4e0d\u5fc5\u91c7\u53d6\u4efb\u4f55\u64cd\u4f5c\uff0c\u56e0\u4e3a\u6b64\u5b89\u5168\u66f4\u65b0\u5c06\u81ea\u52a8\u4e0b\u8f7d\u5e76\u5b89\u88c5\u3002\u5c1a\u672a\u542f\u7528\u201c\u81ea\u52a8\u66f4\u65b0\u201d\u7684\u5ba2\u6237\u5fc5\u987b\u68c0\u67e5\u66f4\u65b0\uff0c\u5e76\u624b\u52a8\u5b89\u88c5\u6b64\u66f4\u65b0\u3002\u6709\u5173\u81ea\u52a8\u66f4\u65b0\u4e2d\u7279\u5b9a\u914d\u7f6e\u9009\u9879\u7684\u4fe1\u606f\uff0c\u8bf7\u53c2\u9605 Microsoft \u77e5\u8bc6\u5e93\u6587\u7ae0 294871\u3002<\/p>\n<p>\u5bf9\u4e8e\u7ba1\u7406\u5458\u3001\u4f01\u4e1a\u5b89\u88c5\u6216\u8005\u60f3\u8981\u624b\u52a8\u5b89\u88c5\u6b64\u5b89\u5168\u66f4\u65b0\u7684\u6700\u7ec8\u7528\u6237\uff0cMicrosoft \u5efa\u8bae\u5ba2\u6237\u4f7f\u7528\u66f4\u65b0\u7ba1\u7406\u8f6f\u4ef6\u5c3d\u65e9\u5e94\u7528\u6b64\u66f4\u65b0\u6216\u8005\u5229\u7528 Microsoft Update \u670d\u52a1\u68c0\u67e5\u66f4\u65b0\u3002<\/p>\n<p>\u53e6\u8bf7\u53c2\u9605\u672c\u516c\u544a\u540e\u9762\u90e8\u5206\u4e2d\u7684\u201c\u68c0\u6d4b\u548c\u90e8\u7f72\u5de5\u5177\u53ca\u6307\u5bfc\u201d\u4e00\u8282\u3002<\/p>\n<p><strong>English Version<\/strong><br \/>\n<a href=\"http:\/\/technet.microsoft.com\/en-us\/security\/bulletin\/ms14-009\" target=\"_blank\">http:\/\/technet.microsoft.com\/en-us\/security\/bulletin\/ms14-009<\/a><\/p>\n<p><strong>\u7b80\u4f53\u4e2d\u6587\u7248<\/strong><br \/>\n<a href=\"http:\/\/technet.microsoft.com\/zh-cn\/security\/bulletin\/MS14-009\" target=\"_blank\">http:\/\/technet.microsoft.com\/zh-cn\/security\/bulletin\/MS14-009<\/a><\/p>\n<p>&nbsp;<\/p>\n<!-- AddThis Advanced Settings generic via filter on the_content --><!-- AddThis Share Buttons generic via filter on the_content -->","protected":false},"excerpt":{"rendered":"<p>\u6b64\u5b89\u5168\u66f4\u65b0\u53ef\u89e3\u51b3 Microsoft .NET Framework \u4e2d\u4e24\u4e2a\u516c\u5f00\u62ab\u9732\u7684\u6f0f\u6d1e\u548c\u4e00\u4e2a\u79d8\u5bc6\u62a5\u544a\u7684\u6f0f\u6d1e\u3002\u5982\u679c\u7528\u6237\u8bbf\u95ee\u5305\u542b\u7279\u5236 Web \u5185\u5bb9\u7684\u7279\u5236\u7f51\u7ad9\uff0c\u6700\u4e25\u91cd\u7684\u6f0f\u6d1e\u53ef\u80fd\u5141\u8bb8\u7279\u6743\u63d0\u5347\u3002\u4f46\u662f\u5728\u6240\u6709\u60c5\u51b5\u4e0b\uff0c\u653b\u51fb\u8005\u65e0\u6cd5\u5f3a\u5236\u7528\u6237\u8bbf\u95ee\u6b64\u7c7b\u7f51\u7ad9\u3002\u76f8\u53cd\uff0c\u653b\u51fb\u8005\u5fc5\u987b\u8bf1\u4f7f\u7528\u6237\u8bbf\u95ee\u88ab\u7834\u574f\u7684\u7f51\u7ad9\uff0c\u65b9\u6cd5\u901a\u5e38\u662f\u8ba9\u7528\u6237\u5355\u51fb\u7535\u5b50\u90ae\u4ef6\u6216 Instant Messenger \u6d88\u606f\u4e2d\u7684\u94fe\u63a5\u4ee5\u4f7f\u4ed6\u4eec\u94fe\u63a5\u5230\u653b\u51fb\u8005\u7684\u7f51\u7ad9\u3002 \u5bf9\u4e8e Microsoft Windows \u53d7\u5f71\u54cd\u7248\u672c\u4e0a\u7684 Microsoft .NET Framework 1.0 Service Pack&#8230;<!-- AddThis Advanced Settings generic via filter on get_the_excerpt --><!-- AddThis Share Buttons generic via filter on get_the_excerpt --><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[975],"tags":[614,618],"_links":{"self":[{"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/posts\/949"}],"collection":[{"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=949"}],"version-history":[{"count":0,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=\/wp\/v2\/posts\/949\/revisions"}],"wp:attachment":[{"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=949"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=949"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/down.cdhaha.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=949"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}