Security Protection: four methods to Block 0-day Vulnerabilities

Last Update:2013-11-29 Source: Internet

Author: User

Tags website server

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Source: People's Network

The latest 0-day IE has affected Microsoft's entire system, and no patches are currently available. Microsoft recently released a security bulletin to guide you on how to temporarily block this vulnerability.

The vulnerability lies in OLEDB32.dll. So our goal is to block this file. In this regard, Microsoft has made four kill:

1. SACL method (applicable only to Vista)

Create a notebook and copy the following content:

[Unicode]

Unicode = yes

[Version]

Signature = "$ CHICAGO $"

Revision = 1

[File Security]

"% ProgramFiles % Common FilesSystemOle DBoledb32.dll", 2, "S :( ML; NWNRNX; ME )"

Save as BlockAccess_x86.inf

Then run SecEdit/configure/db BlockAccess. sdb/cfg in the command prompt.

It is the inf file path. If the task is successful, the message "the task is successfully completed" is displayed.

2. Disable the Row Position Function

HKEY_CLASSES_ROOTCLSID {2048EEE6-7FA2-11D0-9E6A-00A0C9138C29}

Open Registry Editor and delete the key.

3. Cancel DLL Registration

Enter Regsvr32.exe/u "% ProgramFiles % Common FilesSystemOle DBoledb32.dll" in the command prompt"

You can.

4. Permission setting

Enter cacls "% ProgramFiles % Common FilesSystemOle DBoledb32.dll"/E/P everyone: N in the command prompt.

For the Vista system, enter three commands:

Takeown/f "% ProgramFiles % Common FilesSystemOle DBoledb32.dll"

Icacls "% ProgramFiles % Common FilesSystemOle DBoledb32.dll"/save % TEMP % oledb32.32.dll. TXT

Icacls "% ProgramFiles % Common FilesSystemOle DBoledb32.dll"/deny everyone :( F)

The first method has the least impact (only the access to this DLL is affected by IE ).

Appendix: List of systems and software affected by the Vulnerability

Windows Internet Explorer 7

Windows Internet Explorer 7 for Windows XP

Windows Internet Explorer 7 for Windows Server 2003

Windows Internet Explorer 7 for Windows Server 2003 IA64

Windows Internet Explorer 7 in Windows Vista

Windows Internet Explorer 8 Beta

Microsoft Internet Explorer 6.0 Service Pack 2

Microsoft Internet Explorer 6.0 Service Pack 1

Microsoft Iot Explorer 6.0

Microsoft Internet Explorer 5.01 Service Pack 4

Windows Server 2008 Datacenter without Hyper-V

Windows Server 2008 Enterprise without Hyper-V

Windows Server 2008 for Itanium-Based Systems

Windows Server 2008 Standard without Hyper-V

Windows Server 2008 Datacenter

Windows Server 2008 Enterprise

Windows Server 2008 Standard

Windows Website Server 2008

Windows Vista Service Pack 1, when used:

Windows Vista Business

Windows Vista Enterprise

Windows Vista Home Basic

Windows Vista Home Premium

Windows Vista Starter

Windows Vista Ultimate

Windows Vista Enterprise 64-bit Edition

Windows Vista Home Basic 64-bit Edition

Windows Vista Home Premium 64-bit Edition

Windows Vista Ultimate 64-bit Edition

Windows Vista Business 64-bit Edition

Microsoft Windows Server 2003 Service Pack 1, when used:

Microsoft Windows Server 2003, Standard Edition (32-bit x86)

Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)

Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)

Microsoft Windows Server 2003, Web Edition

Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems

Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems

Microsoft Windows Server 2003, Datacenter x64 Edition

Microsoft Windows Server 2003, Enterprise x64 Edition

Microsoft Windows Server 2003, Standard x64 Edition

Microsoft Windows XP Professional x64 Edition

Microsoft Windows Server 2003 Service Pack 2, when used:

Microsoft Windows Server 2003, Standard Edition (32-bit x86)

Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)

Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)

Microsoft Windows Server 2003, Web Edition

Microsoft Windows Server 2003, Datacenter x64 Edition

Microsoft Windows Server 2003, Enterprise x64 Edition

Microsoft Windows Server 2003, Standard x64 Edition

Microsoft Windows XP Professional x64 Edition

Microsoft Windows Server 2003, Datacenter Edition for Itanium-Based Systems

Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems

Microsoft Windows XP Service Pack 2, when used:

Microsoft Windows XP Home Edition

Microsoft Windows XP Professional

Microsoft Windows XP Service Pack 3, when used:

Microsoft Windows XP Home Edition

Microsoft Windows XP Professional

For non-x86 systems, refer to the Microsoft Security Bulletin for independent operations.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More