Windows Notepad App Remote Code Execution Vulnerability

7 min read Via www.cve.org

Mewayz Team

Editorial Team

A critical Windows Notepad App Remote Code Execution (RCE) vulnerability has been identified, which allows attackers to run malicious code on affected systems by tricking users into opening a specially crafted file. Understanding how this vulnerability works, and how to protect your business, is essential for any organization operating in today's threat landscape.

What Exactly Is the Windows Notepad Remote Code Execution Vulnerability?

Windows Notepad, long regarded as a harmless, barebones text editor bundled with every version of Microsoft Windows, was historically considered too simple to harbor serious security flaws. That assumption has proven dangerously wrong. The Windows Notepad App Remote Code Execution vulnerability exploits weaknesses in how Notepad parses certain files and handles memory allocation when rendering text.

At its core, this class of vulnerability involves a buffer overflow or memory corruption that is triggered when Notepad processes a maliciously crafted file. When a user opens the crafted document, often disguised as a harmless .txt or log file, the attacker's shellcode executes in the context of the user's session. Because Notepad runs with the permissions of the logged-in user, the attacker can gain control of everything in that account, including read/write access to sensitive files and network resources.

Microsoft has issued security advisories related to Notepad in recent years through its Patch Tuesday cycles, with issues catalogued under CVEs affecting Windows 10, Windows 11, and Windows Server editions. The mechanism is consistent: a logic failure creates exploitable conditions that bypass standard memory protections.

How Does the Attack Vector Work in Real-World Scenarios?

Understanding the exploit chain helps organizations build stronger defenses. A typical exploitation pattern proceeds as follows:

  • Delivery: The attacker crafts a malicious file and distributes it through phishing email, malicious download links, shared network drives, or compromised cloud storage services.
  • Execution trigger: The victim double-clicks the file, which opens in Notepad by default because of the Windows file-association settings for .txt, .log, and other extensions.
  • Memory corruption: Notepad's processing engine encounters the malformed data, causing a stack or heap overflow that overwrites memory pointers with attacker-controlled values.
  • Shellcode execution: Control flow is redirected to the embedded payload, which can download additional malware, establish persistence, exfiltrate data, or move laterally across the network.
  • Privilege escalation (optional): If chained with a local privilege-escalation exploit, the attacker can move from a standard user session to SYSTEM level.

What makes this especially dangerous is the trust users place in Notepad. Unlike executable files, plain text documents are rarely scrutinized, even by security-conscious employees, which makes socially engineered file delivery highly effective.

Key Insight: The most dangerous vulnerabilities are not always found in complex, internet-facing applications; they often live in the trusted, everyday tools that organizations never considered a risk. Windows Notepad is a textbook example of how assumptions about "safe" software create modern attack opportunities.

What Are the Comparative Risks Across Different Windows Environments?

The severity of this vulnerability varies with the Windows environment, the user privilege configuration, and patch management. Enterprises running Windows 11 with the latest updates and Microsoft Defender configured in block mode face significantly reduced exposure compared with organizations running older, unpatched Windows 10 or Windows Server instances.

On Windows 11, Microsoft rebuilt Notepad on a modern application framework, running it as a sandboxed Microsoft Store app with AppContainer isolation in some configurations. This architectural change provides meaningful mitigation: even if RCE is achieved, the attacker's reach is constrained by the AppContainer boundary. However, this sandboxing is not applied universally across Windows 11 configurations, and Windows 10 environments do not receive such protection by default.

Organizations that have disabled automatic Windows Updates, a surprisingly common configuration in environments running legacy software, remain exposed long after Microsoft releases patches. The risk compounds in environments where regular users hold administrative privileges, a configuration that violates the principle of least privilege but persists in small and mid-sized businesses.

What Should Businesses Do Immediately to Mitigate This Vulnerability?

Effective mitigation requires a layered approach that addresses both the immediate vulnerability and the underlying security gaps that make exploitation possible:

  1. Apply patches immediately: Ensure all Windows systems have the latest security updates. Prioritize endpoints used by employees who handle external communications and files.
  2. Audit file-association settings: Review and restrict which applications are set as the default handlers for .txt and .log files across the enterprise, especially on high-value endpoints.
  3. Enforce least privilege: Remove local administrator rights from standard user accounts. Even if RCE is achieved, limited user privileges significantly reduce the attacker's impact.
  4. Deploy advanced detection: Configure endpoint detection and response (EDR) solutions to monitor Notepad's process behavior, flagging unusual child-process creation or network connections.
  5. User awareness training: Teach employees that even simple text files can be weaponized, encouraging healthy skepticism toward unsolicited files regardless of extension.

How Can Modern Platforms Help Reduce Your Overall Attack Surface?

Vulnerabilities like the Windows Notepad RCE underscore a deeper truth: fragmented, legacy tooling creates fragmented risk. Every additional desktop application running on a workstation is a potential attack vector. Organizations that consolidate business operations onto modern, cloud-based platforms reduce their dependence on locally installed Windows applications, and shrink their attack surface in the process.

Platforms like Mewayz, a 207-module business operating system trusted by more than 138,000 users, let teams manage CRM, workflows, e-commerce operations, browser-based pipelines, and customer communication securely. When core business operations live in a hardened cloud rather than on Windows installations, the risk posed by issues like the Notepad RCE is significantly reduced in day-to-day operations.

Frequently Asked Questions

Is Windows Notepad still vulnerable if I have Windows Defender enabled?

Windows Defender provides meaningful protection against known signatures, but it is not a substitute for patching. If the vulnerability is a zero-day, or the shellcode is obfuscated and not yet recognized by Defender's signatures, endpoint protection alone may not prevent exploitation. Always prioritize applying Microsoft's security patches as the primary mitigation, with Defender serving as an additional layer of defense.

Does this vulnerability affect all versions of Windows?

Exposure varies by Windows version and patch level. Windows 10 and Windows Server environments without recent updates are at the highest risk. Windows 11 with AppContainer-isolated Notepad has architectural mitigations, although these are not applied universally. Server Core installations that do not include Notepad in their default configuration have reduced exposure. Always consult the Microsoft Security Update Guide for the versions a specific CVE applies to.

How can I tell whether my system has already been compromised through this vulnerability?

Indicators of compromise include unexpected child processes spawned by notepad.exe, unusual network connections from the Notepad process, new scheduled tasks or registry run keys created around the time a suspicious file was opened, and anomalous user-account activity after a document was opened. Review the Windows Event Logs, particularly the Security and Application logs, and correlate them with EDR telemetry where available.
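The indicators listed above (child processes of notepad.exe, network connections from Notepad, run keys written shortly after a file was opened) can be checked mechanically against endpoint telemetry. The following Python example is added here and is not code from the original article; it assumes Sysmon events (IDs 1, 3 and 13) already exported as dictionaries, and the sample records, host names and the function `find_notepad_anomalies` are constructed for illustration.

```python
import ntpath
from datetime import datetime, timedelta

# Constructed sample events, shaped like Sysmon records exported to JSON.
# Event IDs: 1 = process creation, 3 = network connection, 13 = registry value set.
SAMPLE_EVENTS = [
    {"id": 1, "time": "2024-01-10T09:00:00", "host": "WS01",
     "Image": r"C:\Windows\System32\notepad.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": r'notepad.exe "C:\Users\alice\Downloads\invoice.txt"'},
    {"id": 1, "time": "2024-01-10T09:00:04", "host": "WS01",
     "Image": r"C:\Windows\System32\cmd.exe",
     "ParentImage": r"C:\Windows\System32\notepad.exe"},
    {"id": 3, "time": "2024-01-10T09:00:05", "host": "WS01",
     "Image": r"C:\Windows\System32\notepad.exe",
     "DestinationIp": "203.0.113.7", "DestinationPort": 443},
    {"id": 13, "time": "2024-01-10T09:00:30", "host": "WS01",
     "Image": r"C:\Windows\System32\reg.exe",
     "TargetObject": r"HKU\S-1-5-21-0\Software\Microsoft\Windows\CurrentVersion\Run\Updater"},
    {"id": 13, "time": "2024-01-10T15:00:00", "host": "WS02",
     "Image": r"C:\Windows\System32\reg.exe",
     "TargetObject": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Agent"},
]

def _is_notepad(path):
    return ntpath.basename(path or "").lower() == "notepad.exe"

def find_notepad_anomalies(events, window=timedelta(minutes=5)):
    """Return (time, host, kind, detail) findings in chronological order."""
    findings, opened = [], {}          # opened: host -> time Notepad last started
    for ev in sorted(events, key=lambda e: e["time"]):
        when = datetime.fromisoformat(ev["time"])
        host = ev["host"]
        if ev["id"] == 1:
            if _is_notepad(ev.get("Image")):
                opened[host] = when    # Notepad launched: start the correlation window
            if _is_notepad(ev.get("ParentImage")):
                findings.append((ev["time"], host, "child_process", ev["Image"]))
        elif ev["id"] == 3 and _is_notepad(ev.get("Image")):
            dest = f'{ev["DestinationIp"]}:{ev["DestinationPort"]}'
            findings.append((ev["time"], host, "network_connection", dest))
        elif ev["id"] == 13 and r"\currentversion\run" in ev.get("TargetObject", "").lower():
            start = opened.get(host)   # flag run keys only soon after Notepad opened a file
            if start is not None and timedelta(0) <= when - start <= window:
                findings.append((ev["time"], host, "run_key_after_open", ev["TargetObject"]))
    return findings
```

The run-key write on WS02 is not reported because no Notepad launch precedes it on that host; the correlation window is a tuning parameter, not a value taken from the article.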

Staying ahead of vulnerabilities requires vigilance and the right operational tools. Mewayz gives your business a secure, modern platform for consolidating operations and reducing dependence on desktop tools, starting at just $19/month. Explore Mewayz at app.mewayz.com and see how many users work more efficiently today.
