內容說明:
CISA於7/8至7/14在Known Exploited Vulnerabilities Catalog(KEV)中發布3個已遭駭客利用之漏洞。
影響平台:
受影響廠商與產品名稱如下:
Rejetto|HTTP File Server
Microsoft|Windows Hyper-V
Microsoft|Windows MSHTML Platform
處置建議:
修補說明請參考以下官方連結:
Rejetto|HTTP File Server
https://github.com/rejetto/hfs?tab=readme-ov-file#installation
https://www.rejetto.com/hfs/
Microsoft|Windows Hyper-V
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38080
Microsoft|Windows MSHTML Platform
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112
CVE編號:
CVE-2024-23692
CVE-2024-38080
CVE-2024-38112
參考資料:
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://nvd.nist.gov/vuln/detail/CVE-2024-23692
https://nvd.nist.gov/vuln/detail/CVE-2024-38080
https://nvd.nist.gov/vuln/detail/CVE-2024-38112
https://github.com/rejetto/hfs?tab=readme-ov-file#installation
https://www.rejetto.com/hfs/
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2024-38080
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38112
新聞來源:https://www.nics.nat.gov.tw/core_business/information_security_information_sharing/Vulnerability_Alerts/1564/
發布日期:26/07/2024