The latest 0-day IE has affected Microsoft's entire system, and no patches are currently available. Microsoft recently released a security bulletin to guide you on how to temporarily block this vulnerability.
The vulnerability lies in OLEDB32.dll. So our goal is to block this file. In this regard, Microsoft has made four kill:
1. SACL method (applicable only to Vista)
Unicode = yes
[Version]
Signature = "$ CHICAGO $"
Revision = 1
[File Security]
"% ProgramFiles % Common FilesSystemOle DBoledb32.dll", 2, "S :( ML; NWNRNX; ME )"
Save the preceding content as BlockAccess_x86.inf.
Then run SecEdit/configure BlockAccess. sdb/cfg in the command prompt.
It is the inf file path. If the task is successful, the message "the task is successfully completed" is displayed.
2. Disable the Row Position Function
HKEY_CLASSES_ROOTCLSID {2048EEE6-7FA2-11D0-9E6A-00A0C9138C29}
Open Registry Editor and delete the key.
3. Cancel DLL Registration
Enter Regsvr32.exe/u "% ProgramFiles % Common FilesSystemOle DBoledb32.dll" in the command prompt"
You can.
4. Permission setting
Enter cacls "% ProgramFiles % Common FilesSystemOle DBoledb32.dll"/E/P everyone: N in the command prompt.
For the Vista system, enter three commands:
Takeown/f "% ProgramFiles % Common FilesSystemOle DBoledb32.dll"
Icacls "% ProgramFiles % Common FilesSystemOle DBoledb32.dll" ve % TEMP % oledb32.32.dll. TXT
Icacls "% ProgramFiles % Common FilesSystemOle DBoledb32.dll"/deny everyone :( F)
The first method has the least impact (only the access to this DLL is affected by IE ).
Appendix: List of systems and software affected by the Vulnerability
Windows Internet Explorer 7
Windows Internet Explorer 7 for Windows XP
Windows Internet Explorer 7 for Windows Server 2003
Windows Internet Explorer 7 for Windows Server 2003 IA64
Windows Internet Explorer 7 in Windows Vista
Windows Internet Explorer 8 Beta
Microsoft Internet Explorer 6.0 Service Pack 2
Microsoft Internet Explorer 6.0 Service Pack 1
Microsoft Iot Explorer 6.0
Microsoft Internet Explorer 5.01 Service Pack 4
Windows Server 2008 Datacenter without Hyper-V
Windows Server 2008 Enterprise without Hyper-V
Windows Server 2008 for Itanium-Based Systems
Windows Server 2008 Standard without Hyper-V
Windows Server 2008 Datacenter
Windows Server 2008 Enterprise
Windows Server 2008 Standard
Windows Website Server 2008
Windows Vista Service Pack 1, when used:
Windows Vista Business
Windows Vista Enterprise
Windows Vista Home Basic
Windows Vista Home Premium
Windows Vista Starter
Windows Vista Ultimate
Windows Vista Enterprise 64-bit Edition
Windows Vista Home Basic 64-bit Edition
Windows Vista Home Premium 64-bit Edition
Windows Vista Ultimate 64-bit Edition
Windows Vista Business 64-bit Edition
Microsoft Windows Server 2003 Service Pack 1, when used:
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Standard x64 Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003 Service Pack 2, when used:
Microsoft Windows Server 2003, Standard Edition (32-bit x86)
Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
Microsoft Windows Server 2003, Web Edition
Microsoft Windows Server 2003, Datacenter x64 Edition
Microsoft Windows Server 2003, Enterprise x64 Edition
Microsoft Windows Server 2003, Standard x64 Edition
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems
Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
Microsoft Windows XP Service Pack 2, when used:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Microsoft Windows XP Service Pack 3, when used:
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
For non-x86 systems, refer to the Microsoft Security Bulletin for independent operations.
FlowerCode @ cnBeta summary from Microsoft Security notice