I-Windows Notepad Yohlelo Lokusebenza Lwekhodi Ekude Yekhodi

Kukhonjiwe ukuba sengozini okubalulekile Kokwenziwa Kwekhodi Yesilawuli kude sohlelo lokusebenza lwe-Windows (RCE), okuvumela abahlaseli ukuthi basebenzise ikhodi engafanele kumasistimu athintekile ngokukhohlisa abasebenzisi ukuthi bavule ifayela eliklanywe ngokukhethekile. Ukuqonda ukuthi lobu bungozi busebenza kanjani - nokuthi ungayivikela kanjani ingqalasizinda yebhizinisi lakho - kubalulekile kunoma iyiphi inhlangano esebenza endaweni eyingozi yanamuhla.

Iyini Ngempela Ingozi Yokusebenzisa Ikhodi Yenothiphedi Ye-Windows?

I-Notepad ye-Windows, kudala ibhekwa njengomhleli wombhalo ongenangozi, ongenalutho ohlanganiswe nazo zonke izinhlobo ze-Microsoft Windows, ngokomlando ibithathwa njengelula kakhulu ukubamba amaphutha amakhulu okuphepha. Lokho kucatshangelwa kubonakale kungalungile ngendlela eyingozi. Ukuba sengozini Kokwenziwa Kwekhodi Yohlelo Lokusebenza Lwe-Notepad Yesilawuli kude kusebenzisa ubuthakathaka endleleni i-Notepad ecozulula ngayo amafomethi athile efayela futhi isingatha ukwabiwa kwememori phakathi nokunikezwa kokuqukethwe kombhalo.

Emnyombweni waso, lesi sigaba sokuba sengozini ngokuvamile sibandakanya ukuchichima kwebhafa noma iphutha lokukhohlakala kwenkumbulo okuqalwa lapho i-Notepad icubungula ifayela elakhiwe ngokungalungile. Lapho umsebenzisi evula idokhumenti eyenziwe ngobuciko — ngokuvamile efihlwa njenge-.txt engenabungozi noma ifayela lokungena — i-shellcode yomhlaseli isetshenziswa kumongo weseshini yamanje yomsebenzisi. Ngenxa yokuthi i-Notepad isebenza nezimvume zomsebenzisi ongene ngemvume, umhlaseli angakwazi ukuthola ukulawula okuphelele kwamalungelo okufinyelela aleyo akhawunti, okuhlanganisa ukufinyelela kokufunda/ukubhala kumafayela abucayi nezinsiza zenethiwekhi.

I-Microsoft ibhekane ngezeluleko eziningi zokuphepha ezihlobene ne-Notepad eminyakeni yamuva ngemijikelezo yayo ye-Patch Tuesday, ngobungozi obubhalwe ngaphansi kwama-CVE athinta Windows 10, Windows 11, kanye nezinhlelo zeWindows Server. Indlela yokusebenza ayiguquki: ukwehluleka komqondo wokuhlaziya kudala izimo ezisebenzisekayo ezeqa ukuvikela okujwayelekile kwenkumbulo.

Isebenza Kanjani IVector Yokuhlasela Ezimeni Zomhlaba Wangempela?

Ukuqonda uchungechunge lokuhlasela kusiza izinhlangano zakhe ukuzivikela okusebenza kakhudlwana. Isimo sokuxhaphaza esijwayelekile silandela ukulandelana okungabikezelwa:

• Ukulethwa: Umhlaseli wenza ifayela elinonya futhi alisabalalise nge-imeyili yobugebengu bokweba imininingwane ebucayi, izixhumanisi zokulanda ezinonya, amadrayivu enethiwekhi abiwayo, noma izinsiza zesitoreji samafu ezisengozini.
• Isiqalisi sokwenza: Isisulu sichofoza kabili ifayela, elivuleka ku-Notepad ngokuzenzakalelayo ngenxa yezilungiselelo zokuhlotshaniswa kwefayela le-Windows .txt, .log, nezandiso ezihlobene.
• Ukuxhashazwa kwenkumbulo: Injini yokuhlaziya ye-Notepad ihlangabezana nedatha engalungile, okubangela inqwaba noma ukuchichima kwesitaki esivala izikhombi zememori ezibalulekile ezinamavelu alawulwa umhlaseli.
• Ukwenziwa kwekhodi ye-Shell: Ukulawula ukugeleza kuqondiswe kabusha ekulayisheni okukhokhwayo okushumekiwe, okungase kudawunilode uhlelo olungayilungele ikhompuyutha eyengeziwe, kuqinise ukuphikelela, kukhiphe idatha, noma kuhambise eceleni kunethiwekhi yonkana.
• Ukukhushulwa kwelungelo (ongakukhetha): Uma kuhlanganiswa nokuxhashazwa kokwenyuka kwamalungelo endawo, umhlaseli angakwazi ukukhuphuka kusukela kuseshini yomsebenzisi ejwayelekile ukuya ekufinyeleleni izinga le-SYSTEM.

Okwenza lokhu kube yingozi ikakhulukazi ukwethembana okungacacile kwabasebenzisi ku-Notepad. Ngokungafani namafayela asebenzisekayo, imibhalo engenalutho ayivamisile ukuhlolisiswa izisebenzi eziqaphela ukuphepha, okwenza ukulethwa kwamafayela athuthukiswe emphakathini kuphumelele kakhulu.

I-Key Insight: Ubungozi obuyingozi kakhulu abutholakali ngaso sonke isikhathi ezinhlelweni eziyinkimbinkimbi, ezibhekene ne-inthanethi — ngokuvamile buhlala kumathuluzi athenjwayo, ansuku zonke izinhlangano ezingakaze zicabangele indawo eyingozi. I-Windows Notepad iyisibonelo sencwadi yokufunda yokuthi ukuqagela kwefa mayelana nesofthiwe "ephephile" idala kanjani amathuba okuhlasela esimanje.

Iziphi Izingozi Eziqhathaniswayo Ezindaweni Ezihlukene Ze-Windows?

Ubunzima balokhu kuba sengcupheni buyahlukahluka kuye ngendawo ye-Windows, ukucushwa kwamalungelo omsebenzisi, nokuma kokuphathwa kwezichibi. Izimo zebhizinisi ezisebenzayo Windows 11 ngezibuyekezo zakamuva eziqongelelayo kanye ne-Microsoft Defender elungiselelwe kwimodi yokuvimba ubuso obunciphile kakhulu ukuchayeka uma kuqhathaniswa nezinhlangano ezisebenzisa amadala, ezingapeyishiwe Windows 10 noma izimo ze-Windows Server.

Ivuliwe Windows 11, i-Microsoft yakhe kabusha i-Notepad ngokupakishwa kwesimanje kwezinhlelo zokusebenza, iyisebenzise njengohlelo lokusebenza lweSitolo se-Microsoft esinebhokisi elinesihlabathi esine-AppContainer ehlukile ekucushweni okuthile. Lolu shintsho lwezakhiwo lunikeza ukuncishiswa okunengqondo - ngisho noma i-RCE ifinyelelwa, indawo yomhlaseli ivinjelwa umngcele we-AppContainer. Kodwa-ke, le sandboxing ayisetshenziswa emhlabeni wonke kuwo wonke Windows 11 ukucupha, futhi Windows 10 izindawo azikutholi ukuvikelwa okunjalo ngokuzenzakalelayo.

Izinhlangano ezikhubaze ukubuyekezwa kwe-Windows okuzenzakalelayo - ukucushwa okuvamile ngokumangazayo ezindaweni ezisebenzisa isofthiwe yefa - zihlala ziveziwe isikhathi eside ngemva kokuba i-Microsoft ikhiphe iziqephu. Ubungozi buphindaphindeka ezindaweni lapho abasebenzisi basebenza khona njalo ngamalungelo omlawuli wendawo, ukulungiselelwa okwephula isimiso sokungabi namalungelo amancane kodwa okuqhubekayo kakhulu emabhizinisini amancane naphakathi nendawo.

Iziphi Izinyathelo Ezisheshayo Okufanele Amabhizinisi Azithathe Ukunciphisa Lobu Kuba Sengozini?

Ukunciphisa okusebenzayo kudinga indlela enezingqimba ebhekana nakho kokubili ubungozi obukhona kanye namagebe okuma okuvikeleka angaphansi okwenza ukuxhashazwa kwenzeke:

1. Faka amapeshi ngokushesha: Qinisekisa ukuthi wonke amasistimu e-Windows anezibuyekezo zakamuva eziqoqiwe zokuvikeleka ezifakiwe. Beka kuqala izindawo zokugcina ezisetshenziswa izisebenzi eziphethe ukuxhumana kwangaphandle namafayela.
2. Hlola izilungiselelo zokuhlotshaniswa kwamafayela: Buyekeza futhi ubeke imingcele ukuthi iziphi izinhlelo zokusebenza ezisethwe njengezibambi ezizenzakalelayo zamafayela e-.txt kanye .log ebhizinisini lonke, ikakhulukazi ezindaweni zokugcina zenani eliphezulu.
3. Sebenzisa ilungelo elincane: Susa amalungelo omlawuli wendawo kuma-akhawunti ajwayelekile omsebenzisi. Ngisho noma i-RCE ifinyelelwa, amalungelo omsebenzisi anomkhawulo anciphisa kakhulu umthelela womhlaseli.
4. Sebenzisa ukutholwa kwephoyinti lokugcina elithuthukisiwe: Lungiselela ukutholwa kwephoyinti lokugcina kanye nempendulo (EDR) ukuze ugade inqubo yenqubo ye-Notepad, ukumaka ukudalwa kwenqubo yengane okungajwayelekile noma ukuxhumeka kwenethiwekhi.
5. Ukuqeqeshwa kokuqwashisa abasebenzisi: Fundisa abasebenzi ukuthi ngisho namafayela anombhalo ongenalutho angaba izikhali, okuqinisa ukungabaza okunempilo ngamafayela angacelwanga ngaphandle kokunwetshwa.

Izinkundla Zebhizinisi Zesimanje Zingakusiza Kanjani Ekwehliseni Isamba Sakho Sokuhlasela?

Ukulimala okufana ne-Windows Notepad RCE kugcizelela iqiniso elijulile: ithuluzi elihlukaniswe izingxenye, ithuluzi lefa lidala ingcuphe yokuphepha ehlukene. Lonke uhlelo lokusebenza lwedeskithophu eyengeziwe olusebenza ezindaweni zokusebenza zabasebenzi luyi-vector engaba khona. Izinhlangano ezihlanganisa ukusebenza kwebhizinisi kuzinkundla zesimanjemanje, ezitholakala kumafu zehlisa ukuthembela kwazo ezinhlelweni ezifakwe endaweni ze-Windows - futhi zinciphisa ngokubonakalayo indawo yazo yokuhlasela ngesikhathi kuqhubeka inqubo.

Amapulatifomu afana ne-Mewayz, isistimu yokusebenza yebhizinisi yamamojula angu-207 ethenjwe abasebenzisi abangaphezu kuka-138,000, inika amandla amaqembu ukuthi alawule i-CRM, ukugeleza komsebenzi wephrojekthi, imisebenzi ye-e-commerce, amapayipi okuqukethwe esipheqululini ngokusebenzisa indawo yonke yokuxhumana, kanye nemvelo yokuxhumana evikelekile. Uma imisebenzi yebhizinisi eyinhloko ihlala kungqalasizinda yamafu eqinile kunezinhlelo zokusebenza ze-Windows ezifakwe endaweni, ubungozi obubangelwa ubungozi obufana ne-Notepad RCE buncipha kakhulu ekusebenzeni kwansuku zonke.

Imibuzo Evame Ukubuzwa

Ingabe i-Windows Notepad isesengozini uma ngine-Windows Defender enikwe amandla?

I-Windows Defender ihlinzeka ngokuvikeleka okunengqondo kumasiginesha okuxhashazwa okwaziwayo, kodwa ayithatheli indawo yokuchibiyela. Uma ubungozi kuwusuku oluyiziro noma kusetshenziswa i-shellcode engabonakali okwamanje engakatholwa amasiginesha e-Defender, ukuvikela kwe-endpoint kukodwa kungase kungavimbeli ukuxhashazwa. Hlala njalo ubeke phambili ukusebenzisa iziqephu zokuphepha ze-Microsoft njengokunciphisa okuyinhloko, i-Defender isebenza njengesendlalelo sokuvikela esihambisanayo.

Ingabe lobu bungozi buthinta zonke izinguqulo ze-Windows?

Ukuchayeka okuthile kuyehluka ngokwenguqulo ye-Windows kanye nezinga lokuchibiyela. Windows 10 kanye nezindawo ze-Windows Server ezingenazo izibuyekezo zakamuva eziqongelelwe zisengozini enkulu. Windows 11 ene-AppContainer-isolated Notepad inokuncishiswa kwezakhiwo, nakuba lokhu kungasebenzi emhlabeni wonke. Ukufakwa kwe-Server Core okungafaki i-Notepad ekucushweni kwakho okuzenzakalelayo kunciphise ukuchayeka. Njalo hlola Umhlahlandlela Wokuvuselela Ukuvikeleka we-Microsoft ukuze uthole ukusebenziseka kwenguqulo ethile ye-CVE.

Ngingakwazi kanjani uma isistimu yami isivele isengozini ngenxa yalokhu kuba sengozini?

Izinkomba zokufaka engozini zihlanganisa izinqubo ezingalindelekile zengane ezidalwe yi-notepad.exe, ukuxhumeka kwenethiwekhi okungavamile okuphuma enqubweni ye-Notepad, imisebenzi emisha ehleliwe noma okhiye bokuqalisa bokubhalisa abadalwe ngesikhathi kuvulwa ifayela elisolisayo, nomsebenzi omangalisayo we-akhawunti yomsebenzisi olandela umcimbi wokuvula idokhumenti. Buyekeza Amalogi Ezehlakalo E-Windows, ikakhulukazi amalogi Ezokuphepha Nezinhlelo Zokusebenza, kanye nereferensi enqamulayo nge-EDR telemetry uma ikhona.

Ukuhlala ngaphambi kobungozi kudinga kokubili ukuqapha kanye nengqalasizinda yokusebenza efanele. I-Mewayz inika ibhizinisi lakho inkundla evikelekile, yesimanje yokuhlanganisa imisebenzi futhi yehlise ukuncika kumathuluzi edeskithophu yefa — aqala ku-$19/ngenyanga nje. Hlola i-Mewayz ku-app.mewayz.com futhi ubone ukuthi abasebenzisi be-0s0fer more,038 basebenza kanjani namuhla.