Microsoft Security notification: four methods to temporarily block the latest 0-day Internet Explorer

Source: Internet
Author: User
Tags website server

The latest 0-day IE has affected Microsoft's entire system, and no patches are currently available. Microsoft recently released a security bulletin to guide you on how to temporarily block this vulnerability.
The vulnerability lies in OLEDB32.dll. So our goal is to block this file. In this regard, Microsoft has made four kill:

1. SACL method (applicable only to Vista)

Unicode = yes
[Version]
Signature = "$ CHICAGO $"
Revision = 1
[File Security]
"% ProgramFiles % Common FilesSystemOle DBoledb32.dll", 2, "S :( ML; NWNRNX; ME )"

Save the preceding content as BlockAccess_x86.inf.
Then run SecEdit/configure BlockAccess. sdb/cfg in the command prompt.
It is the inf file path. If the task is successful, the message "the task is successfully completed" is displayed.

2. Disable the Row Position Function

HKEY_CLASSES_ROOTCLSID {2048EEE6-7FA2-11D0-9E6A-00A0C9138C29}
Open Registry Editor and delete the key.

3. Cancel DLL Registration

Enter Regsvr32.exe/u "% ProgramFiles % Common FilesSystemOle DBoledb32.dll" in the command prompt"
You can.

4. Permission setting

Enter cacls "% ProgramFiles % Common FilesSystemOle DBoledb32.dll"/E/P everyone: N in the command prompt.

For the Vista system, enter three commands:

Takeown/f "% ProgramFiles % Common FilesSystemOle DBoledb32.dll"
Icacls "% ProgramFiles % Common FilesSystemOle DBoledb32.dll" ve % TEMP % oledb32.32.dll. TXT
Icacls "% ProgramFiles % Common FilesSystemOle DBoledb32.dll"/deny everyone :( F)

The first method has the least impact (only the access to this DLL is affected by IE ).

Appendix: List of systems and software affected by the Vulnerability

Windows Internet Explorer 7
Windows Internet Explorer 7 for Windows XP
Windows Internet Explorer 7 for Windows Server 2003
Windows Internet Explorer 7 for Windows Server 2003 IA64
Windows Internet Explorer 7 in Windows Vista
Windows Internet Explorer 8 Beta
Microsoft Internet Explorer 6.0 Service Pack 2
Microsoft Internet Explorer 6.0 Service Pack 1
Microsoft Iot Explorer 6.0
Microsoft Internet Explorer 5.01 Service Pack 4
Windows Server 2008 Datacenter without Hyper-V
Windows Server 2008 Enterprise without Hyper-V
Windows Server 2008 for Itanium-Based Systems
Windows Server 2008 Standard without Hyper-V
Windows Server 2008 Datacenter
Windows Server 2008 Enterprise
Windows Server 2008 Standard
Windows Website Server 2008
Windows Vista Service Pack 1, when used:
Windows Vista Business
Windows Vista Enterprise
Windows Vista Home Basic
Windows Vista Home Premium
Windows Vista Starter
Windows Vista Ultimate
Windows Vista Enterprise 64-bit Edition
Windows Vista Home Basic 64-bit Edition
Windows Vista Home Premium 64-bit Edition
Windows Vista Ultimate 64-bit Edition
Windows Vista Business 64-bit Edition
Microsoft Windows Server 2003 Service Pack 1, when used:
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Standard x64 Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 Service Pack 2, when used:
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition
Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Standard x64 Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Microsoft Windows XP Service Pack 2, when used:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Microsoft Windows XP Service Pack 3, when used:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
For non-x86 systems, refer to the Microsoft Security Bulletin for independent operations.

FlowerCode @ cnBeta summary from Microsoft Security notice

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.