{"id":2318,"date":"2021-09-17T17:53:44","date_gmt":"2021-09-17T09:53:44","guid":{"rendered":"https:\/\/likearisingsun.com.my\/?p=2318"},"modified":"2021-09-17T18:06:03","modified_gmt":"2021-09-17T10:06:03","slug":"exploitation-of-a-mshtml-vulnerability-right-before-windows-11-launch-cve-2021-40444","status":"publish","type":"post","link":"https:\/\/likearisingsun.com.my\/jp\/exploitation-of-a-mshtml-vulnerability-right-before-windows-11-launch-cve-2021-40444\/","title":{"rendered":"Windows 11\u767a\u58f2\u76f4\u524d\u306eMSHTML\u8106\u5f31\u6027\u306e\u60aa\u7528\u306b\u3064\u3044\u3066\uff08CVE 2021-40444\uff09"},"content":{"rendered":"
\"\"<\/figure>\n\n\n\n

\u4e16\u754c\u304c\u5927\u304d\u306a\u7bc0\u76ee\u3092\u8fce\u3048\u308b\u305f\u3073\u306b\u3001\u8105\u5a01\u306e\u4e3b\u4f53\u306f\u3053\u308c\u307e\u3067\u3082\u3001\u305d\u3057\u3066\u3053\u308c\u304b\u3089\u3082\u3001\u8106\u5f31\u6027\u3092\u60aa\u7528\u3059\u308b\u9769\u65b0\u7684\u306a\u624b\u6cd5\u3092\u57f7\u62d7\u306b\u5c0e\u5165\u3057\u3066\u304d\u307e\u3057\u305f\u3002\u6628\u5e74\u672b\u306e2020\u5e7412\u6708\u306b\u306f\u3001IBM X-Force\u306e\u8105\u5a01\u30a2\u30ca\u30ea\u30b9\u30c8\u304c\u3001Covid-19\u30ef\u30af\u30c1\u30f3\u306e\u30b5\u30d7\u30e9\u30a4\u30c1\u30a7\u30fc\u30f3\u3092\u72d9\u3063\u305f\u69d8\u3005\u306a\u30e1\u30fc\u30eb\u306b\u3088\u308b\u30d5\u30a3\u30c3\u30b7\u30f3\u30b0\u653b\u6483\u3092\u6458\u767a\u3057\u307e\u3057\u305f\u3002[1]<\/a>\u305d\u3057\u30662021\u5e74\u306b\u660e\u3051\u3066\u304b\u3089\u306f\u3001\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u793e\u304c\u307b\u307c\u6bce\u6708\u30bc\u30ed\u30c7\u30a4\u8106\u5f31\u6027\u306b\u30d1\u30c3\u30c1\u3092\u5f53\u3066\u3066\u304a\u308a\u3001\u305d\u306e\u4e2d\u3067\u3082\u4eba\u6c17\u304c\u9ad8\u304f\u5e83\u304f\u666e\u53ca\u3057\u3066\u3044\u308b\u3082\u306e\u306b\u306f\u3001\u6700\u8fd1\u306eWindows Print Spooler\u306e\u8106\u5f31\u6027\u3067\u3042\u308bPrintNightmare CVE-2021-36958\u304c\u3042\u308a\u307e\u3059\u3002[2]<\/a><\/p>\n\n\n\n

\u672c\u7a3f\u57f7\u7b46\u6642\u70b9\u3067\u306f\u30012021\u5e7410\u67085\u65e5\u306bWindows 11\u306e\u767a\u58f2\u304c\u4e88\u5b9a\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u5f53\u7136\u306e\u3053\u3068\u306a\u304c\u3089\u3001\u3053\u308c\u3092\u5229\u7528\u3057\u305f\u65b0\u305f\u306a\u8105\u5a01\u304c\u51fa\u73fe\u3057\u3066\u3044\u307e\u3059\u3002\u3053\u3053\u3067\u306f\u3001\u6b66\u5668\u5316\u3055\u308c\u305fOffice\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u3092\u4ecb\u3057\u3066\u3001\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\uff08RCE\uff09\u3092\u53ef\u80fd\u306b\u3059\u308bCVE 2021-40444\u306e\u60aa\u7528\u306b\u3064\u3044\u3066\u7c21\u5358\u306b\u3054\u7d39\u4ecb\u3057\u307e\u3059\u3002\u3053\u306e\u653b\u6483\u30d9\u30af\u30c8\u30eb\u306f\u3001\u8106\u5f31\u306aMSHTML\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u3092\u30bf\u30fc\u30b2\u30c3\u30c8\u306b\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n\n\n\n

\u8d77\u6e90\u3068\u6a19\u7684<\/h4>\n\n\n\n

<\/p>\n\n\n\n

\u4eca\u67082021\u5e749\u6708\u521d\u65ec\u3001\u4fee\u6b63\u3055\u308c\u6b66\u5668\u5316\u3055\u308c\u305fOffice\u6587\u66f8\u3092\u4ecb\u3057\u3066\u30bc\u30ed\u30c7\u30a4\u8106\u5f31\u6027\u304c\u60aa\u7528\u3055\u308c\u307e\u3057\u305f\u3002\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u4f01\u696dAnomali\u306e\u7814\u7a76\u8005\u306f\u305d\u306e\u51fa\u6240\u306b\u3064\u3044\u3066\u30012018\u5e74\u4ee5\u964d\u306bFIN7\u30b0\u30eb\u30fc\u30d7\u304c\u3088\u304f\u4f7f\u7528\u3057\u3066\u3044\u305f\u985e\u4f3c\u306e\u64cd\u4f5c\u65b9\u6cd5\u3067\u3042\u308b\u3068\u6307\u6458\u3057\u3066\u3044\u307e\u3059\u3002[3]<\/a> \u3053\u306e\u30b0\u30eb\u30fc\u30d7\u306f\u3001POS\uff08Point of Sales\uff09\u30b7\u30b9\u30c6\u30e0\u3092\u597d\u3093\u3067\u6a19\u7684\u306b\u3057\u3066\u304d\u305f\u7d4c\u7def\u304c\u3042\u308b\u305f\u3081\u3001\u3053\u306e\u30de\u30eb\u30a6\u30a7\u30a2\u3082\u4f8b\u5916\u3067\u306f\u306a\u304f\u3001\u540c\u69d8\u306e\u7bc4\u56f2\u3092\u5bfe\u8c61\u3068\u3057\u3066\u3044\u307e\u3059\u3002\u3064\u307e\u308a\u3001\u5c0f\u58f2\u5e97\u3001\u30ec\u30b9\u30c8\u30e9\u30f3\u3001\u5b9f\u5e97\u8217\u306a\u3069\u304c\u88ab\u5bb3\u8005\u3068\u306a\u308b\u53ef\u80fd\u6027\u304c\u9ad8\u3044\u306e\u3067\u3059\u3002\u7279\u306b\u6a19\u7684\u3068\u306a\u308b\u306e\u306f\u3001\u30af\u30ec\u30b8\u30c3\u30c8\u30ab\u30fc\u30c9\u60c5\u5831\u3001\u540d\u524d\u3001\u96fb\u5b50\u30e1\u30fc\u30eb\u30a2\u30c9\u30ec\u30b9\u306a\u3069\u306e\u652f\u6255\u3044\u60c5\u5831\u3067\u3059\u3002<\/p>\n\n\n\n

\u30e6\u30fc\u30b6\u30fc\u3068\u3057\u3066\u306e\u5b89\u5168\u6027\u78ba\u4fdd<\/h4>\n\n\n\n

<\/p>\n\n\n\n

\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u3092\u5b89\u5168\u306b\u53d6\u308a\u6271\u3046\u305f\u3081\u306e\u6700\u5584\u306e\u65b9\u6cd5\u3092\u5e38\u306b\u9075\u5b88\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u3053\u308c\u306b\u95a2\u9023\u3057\u3066\u3001\u691c\u8a3c\u3055\u308c\u3066\u3044\u306a\u3044\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u3092\u958b\u304f\u969b\u306b\u3001\u300c\u30b3\u30f3\u30c6\u30f3\u30c4\u3092\u6709\u52b9\u306b\u3059\u308b\u300d\u30dc\u30bf\u30f3\u3092\u6025\u3044\u3067\u30af\u30ea\u30c3\u30af\u3057\u3066\u306f\u3044\u3051\u307e\u305b\u3093\u3002 <\/p>\n\n\n\n

\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u305f\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u306f\u3001\u958b\u304f\u524d\u306b\u30a2\u30f3\u30c1\u30de\u30eb\u30a6\u30a7\u30a2\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\uff08\u4e00\u822c\u7684\u306b\u306f\u300c\u30a2\u30f3\u30c1\u30a6\u30a3\u30eb\u30b9\u300d\uff09\u3067\u30b9\u30ad\u30e3\u30f3\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002 <\/p>\n\n\n\n

\u79c1\u305f\u3061\u306e\u7d4c\u9a13\u3067\u306f\u3001\u901a\u5e38\u306e\u4f01\u696d\u74b0\u5883\u3067\u306e\u307b\u3068\u3093\u3069\u30b1\u30fc\u30b9\u3067\u306f\u3001\u7279\u306bWord\u3084PowerPoint\u306e\u30d5\u30a1\u30a4\u30eb\u3067\u30de\u30af\u30ed\u3092\u6709\u52b9\u306b\u3057\u305f\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u3092\u5fc5\u8981\u3068\u3059\u308b\u3053\u3068\u306f\u307b\u3068\u3093\u3069\u3042\u308a\u307e\u305b\u3093\u3002\u3064\u307e\u308a\u3001\u901a\u5e38\u306e\u9023\u7d61\u5148\u304b\u3089\u305d\u306e\u3088\u3046\u306a\u30d5\u30a1\u30a4\u30eb\u3092\u53d7\u4fe1\u3057\u3001\u300c\u30de\u30af\u30ed\u30b3\u30f3\u30c6\u30f3\u30c4\u3092\u6709\u52b9\u306b\u3059\u308b\u300d\u3068\u3044\u3046\u8981\u6c42\u306b\u6c17\u3065\u3044\u305f\u5834\u5408\u3001\u305d\u308c\u306f\u60aa\u610f\u306e\u3042\u308b\u611f\u67d3\u3057\u305f\u30d5\u30a1\u30a4\u30eb\u3067\u3042\u308b\u53ef\u80fd\u6027\u304c\u9ad8\u3044\u3068\u3044\u3046\u3053\u3068\u3067\u3059\u3002\u305d\u306e\u30d5\u30a1\u30a4\u30eb\u3092\u524a\u9664\u3057\u3001\u30de\u30eb\u30a6\u30a7\u30a2\u304c\u306a\u3044\u304b\u30b3\u30f3\u30d4\u30e5\u30fc\u30bf\u30fc\u306e\u30d5\u30eb\u30b9\u30ad\u30e3\u30f3\u3092\u884c\u3046\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002\u3053\u306e\u6642\u70b9\u3067\u3001\u3059\u3050\u306bIT\u7ba1\u7406\u8005\u307e\u305f\u306f\u90e8\u9580\u306b\u9023\u7d61\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n\n\n\n

\u3053\u306e\u554f\u984c\u306b\u7cbe\u901a\u3057\u3066\u3044\u308b\u30e6\u30fc\u30b6\u30fc\u3084IT\u7ba1\u7406\u8005\u306e\u305f\u3081\u306b\u3001\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u306f\u3053\u306e\u60aa\u7528\u306e\u5f71\u97ff\u3092\u8efd\u6e1b\u3059\u308b\u305f\u3081\u306e\u56de\u907f\u7b56\u3084\u65b9\u6cd5\u3092\u63d0\u6848\u3057\u3066\u3044\u307e\u3059\u3002\u30ec\u30b8\u30b9\u30c8\u30ea\u30ad\u30fc\u306e\u5909\u66f4\u307e\u305f\u306f\u30b0\u30eb\u30fc\u30d7\u30dd\u30ea\u30b7\u30fc\u306e\u4fee\u6b63\u306b\u3088\u308a\u3001Internet Explorer\u5185\u306eActiveX\u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\u3092\u7121\u52b9\u306b\u3059\u308b\u3053\u3068\u3067\u3059\u3002 \u8a73\u7d30\u306a\u624b\u9806\u306f\u3053\u3061\u3089\u3092\u3054\u53c2\u7167\u304f\u3060\u3055\u3044\u3002<\/a> <\/p>\n\n\n\n

\u52d5\u4f5c\u306e\u5206\u6790<\/h4>\n\n\n\n

<\/p>\n\n\n\n

\u7121\u9632\u5099\u306a\u88ab\u5bb3\u8005\u306b\u691c\u8a3c\u3055\u308c\u3066\u3044\u306a\u3044\u30b3\u30fc\u30c9\u3092\u5b9f\u884c\u3055\u305b\u308b\u65b9\u6cd5\u306b\u3064\u3044\u3066\u306f\u3001\u30bd\u30fc\u30b7\u30e3\u30eb\u30a8\u30f3\u30b8\u30cb\u30a2\u30ea\u30f3\u30b0\u304c\u91cd\u8981\u306a\u5f79\u5272\u3092\u679c\u305f\u3057\u3066\u3044\u307e\u3059\u3002\u4f55\u306e\u5909\u54f2\u3082\u306a\u3044Microsoft Office\u6587\u66f8\u304c\u3001\u73fe\u884c\u306eWindows 10\u3068\u6b21\u671fWindows 11\u3068\u306e\u9593\u306e\u4e92\u63db\u6027\u306e\u554f\u984c\u306b\u3088\u308a\u3001\u4e0d\u6b63\u306b\u8868\u793a\u3055\u308c\u3066\u3044\u307e\u3059\u3002\u3053\u308c\u306b\u3088\u308a\u3001\u30e6\u30fc\u30b6\u30fc\u306f\u753b\u9762\u4e0a\u306e\u6307\u793a\u306b\u5f93\u3063\u3066\u300c\uff08\u30de\u30af\u30ed\uff09\u30b3\u30f3\u30c6\u30f3\u30c4\u3092\u6709\u52b9\u306b\u3059\u308b\u300d\u3068\u3044\u3046\u64cd\u4f5c\u3092\u884c\u3046\u3053\u3068\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n\n\n\n

\u88ab\u5bb3\u8005\u304c\u30de\u30af\u30ed\u30b3\u30f3\u30c6\u30f3\u30c4\u3092\u6709\u52b9\u306b\u3059\u308b\u3068\u3001\u96e3\u8aad\u5316\u3055\u308c\u305fVBA\u30b9\u30af\u30ea\u30d7\u30c8\u304c\u5b9f\u884c\u3055\u308c\u307e\u3059\u3002\u3053\u306e\u30b9\u30af\u30ea\u30d7\u30c8\u306f\u3001\u30d6\u30e9\u30a6\u30b6\u306e\u30ec\u30f3\u30c0\u30ea\u30f3\u30b0\u30a8\u30f3\u30b8\u30f3\u3092\u4f7f\u7528\u3057\u3066\u30ed\u30fc\u30c9\u3055\u308c\u305f\u60aa\u610f\u306e\u3042\u308bActiveX\u30b3\u30f3\u30c8\u30ed\u30fc\u30eb\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3066\u5b9f\u884c\u3057\u307e\u3059\u3002\u3053\u308c\u306f\u3001\u3057\u3070\u3089\u304f\u524d\u306b\u5ec3\u6b62\u3055\u308c\u3001\u73fe\u5728\u306eEdge\u30d6\u30e9\u30a6\u30b6\u306b\u53d6\u3063\u3066\u4ee3\u308f\u3089\u308c\u305f\u306b\u3082\u304b\u304b\u308f\u3089\u305a\u3001\u3044\u307e\u3060\u306b\u69d8\u3005\u306a\u30de\u30b7\u30f3\u306b\u642d\u8f09\u3055\u308c\u3066\u3044\u308b\u65e7\u5f0f\u306eInternet Explorer\u30ec\u30f3\u30c0\u30ea\u30f3\u30b0\u30e2\u30b8\u30e5\u30fc\u30eb\u3092\u4ecb\u3057\u3066\u884c\u308f\u308c\u307e\u3059\u3002<\/p>\n\n\n\n

\u30de\u30eb\u30a6\u30a7\u30a2\u306e\u914d\u4fe1\u3068\u5b9f\u884c\u306b\u95a2\u3059\u308b\u8a73\u7d30\u306a\u5206\u6790\u306b\u3064\u3044\u3066\u306f\u3001\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u793e\u304c\u3053\u3061\u3089\u3067\u7d39\u4ecb\u3057\u3066\u3044\u307e\u3059\u3002<\/a>. <\/p>\n\n\n\n

\u30d1\u30c3\u30c1\u3068\u4fee\u6b63<\/h4>\n\n\n\n

<\/p>\n\n\n\n

2021\u5e749\u670814\u65e5\uff08\u706b\uff09\u3001\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u793e\u306f\u3053\u306e\u8106\u5f31\u6027\u306b\u5bfe\u3059\u308b\u30d1\u30c3\u30c1\u3092\u30ea\u30ea\u30fc\u30b9\u3057\u307e\u3057\u305f\u304c\u3001\u305d\u306e\u6709\u52b9\u6027\u306f\u307e\u3060\u8a3c\u660e\u3055\u308c\u3066\u304a\u3089\u305a\u3001\u6642\u9593\u306e\u7d4c\u904e\u3068\u3068\u3082\u306b\u660e\u3089\u304b\u306b\u306a\u308b\u3067\u3057\u3087\u3046\u3002\u6211\u3005\u306f\u3001\u3053\u306e\u8106\u5f31\u6027\u306e\u591a\u304f\u306e\u4e9c\u7a2e\u307e\u305f\u306f\u7cfb\u7d71\u304c\u3001\u307e\u3060\u691c\u51fa\u3055\u308c\u305a\u306b\u3059\u3067\u306b\u5b58\u5728\u3057\u3066\u3044\u308b\u3068\u78ba\u4fe1\u3057\u3066\u3044\u307e\u3059\u3002\u4eca\u56de\u306e\u30d1\u30c3\u30c1\u304c\u3001\u65b0\u3057\u3044\u4e9c\u7a2e\u3084\u4ed6\u306e\u4e9c\u7a2e\u306b\u5bfe\u3057\u3066\u3069\u306e\u3088\u3046\u306a\u52b9\u679c\u3092\u6301\u3064\u304b\u306f\u3001\u307e\u3060\u691c\u8a3c\u3055\u308c\u3066\u3044\u307e\u305b\u3093\u3002<\/p>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

\u8457\u8005\uff1aMartin Liau<\/p>\n\n\n\n

\n\n\n\n

[1]<\/a> https:\/\/securityintelligence.com\/posts\/ibm-uncovers-global-phishing-covid-19-vaccine-cold-chain\/<\/p>\n\n\n\n

[2]<\/a> https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-36958<\/p>\n\n\n\n

[3]<\/a> https:\/\/www.anomali.com\/blog\/cybercrime-group-fin7-using-windows-11-alpha-themed-docs-to-drop-javascript-backdoor<\/p>","protected":false},"excerpt":{"rendered":"

With every major milestone the world sees, threat actors have, and will remain ever persistent in introducing innovative methods to exploit vulnerabilities. Late last year in December 2020, threat analysts at IBM X-Force uncovered various email phishing attacks targeting Covid-19 vaccine supply chains[1]. Then, the dawn of 2021 has seen Microsoft patching zero-day vulnerabilities virtually […]<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[11],"tags":[],"class_list":["post-2318","post","type-post","status-publish","format-standard","hentry","category-articles"],"aioseo_notices":[],"aioseo_head":"\n\t\t\n\t\n\t\n\t\n\t\n\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t\n\t\t