{"id":13301,"date":"2015-07-17T11:24:50","date_gmt":"2015-07-17T03:24:50","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=13301"},"modified":"2015-07-17T14:10:00","modified_gmt":"2015-07-17T06:10:00","slug":"%e6%96%b0%e5%bc%b1%e9%bb%9e%e9%80%9a%e7%9f%a5-adobe-flash%e8%88%87oracle-java%e9%9b%b6%e6%99%82%e5%b7%ae%e6%bc%8f%e6%b4%9e","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=13301","title":{"rendered":"[\u65b0\u5f31\u9ede\u901a\u77e5] Adobe Flash\u8207Oracle Java\u96f6\u6642\u5dee\u6f0f\u6d1e"},"content":{"rendered":"<p><strong>Hacking Team<\/strong><strong>\u8cc7\u6599\u5916\u6d29\u8207\u65b0\u7684Flash\u6f0f\u6d1e\u66f4\u65b0<\/strong><\/p>\n<p>\u4e0a\u9031\u8da8\u52e2\u79d1\u6280\u66fe\u7d93\u63d0\u9192\u7528\u6236\u4e00\u500b\u65b0\u7684\u96f6\u6642\u5deeAdobe Flash\u6f0f\u6d1e\uff08<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak\/\">CVE-2015-5119<\/a>\uff09\uff0c\u8d77\u56e0\u65bc\u00a0<a href=\"https:\/\/blog.trendmicro.com.tw\/?s=hacking\">\u00a0Hacking Team \u8cc7\u6599\u5916\u6d29<\/a>\u4e8b\u4ef6\u3002\u96d6\u7136Adobe\u5f88\u5feb\u5728\u6700\u65b0\u91cb\u51fa\u7684\u7248\u672c\u4fee\u88dc\u4e86\u9019\u500b\u6f0f\u6d1e\uff0818.0.0.203\uff09\uff0c\u4f46\u5f9eHacking Team\u63e1\u6709\u7684\u8cc7\u6599\u4e2d\u53c8\u767c\u73fe\u4e86\u5169\u500b\u65b0\u7684Flash\u6f0f\u6d1e\u3002<\/p>\n<p><a href=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2015\/07\/hacker.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-13189\" src=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2015\/07\/hacker.jpg\" alt=\"hacker \u99ed\u5ba2\" width=\"500\" height=\"500\" srcset=\"https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2015\/07\/hacker.jpg 500w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2015\/07\/hacker-150x150.jpg 150w, https:\/\/blog.trendmicro.com.tw\/wp-content\/uploads\/2015\/07\/hacker-300x300.jpg 300w\" sizes=\"(max-width: 500px) 100vw, 500px\" \/><\/a><\/p>\n<p>\u95dc\u65bc\u65b0\u767c\u73fe\u7684Flash\u6f0f\u6d1e\u8cc7\u8a0a\uff0c\u60a8\u53ef\u53c3\u8003\uff1a<\/p>\n<ul>\n<li>CVE-2015-5122\uff1a<br \/>\n<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=13251\">Hacking Team \u8cc7\u6599\u5916\u6d29\u4e8b\u4ef6\u53c8\u4e00\u500bAdobe Flash Player \u6f0f\u6d1e\u96f6\u6642\u5dee\u6f0f\u6d1e\u66dd\u5149<\/a><\/li>\n<li>CVE-2015-5123\uff1a<br \/>\n<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=13261\">\u53c8\u4f86\u4e86!! Hacking Team \u8cc7\u6599\u5916\u6d29\u6dfb\u65b0\u7684 Adobe Flash \u96f6\u6642\u5dee\u6f0f\u6d1e (CVE-2015-5123)<\/a><\/li>\n<\/ul>\n<p>\u9019\u5169\u500b\u65b0\u7684Adobe Flash\u6f0f\u6d1e\uff08CVE-2015-5122\u3001CVE-2015-5123\uff09\u5df2\u7d93\u8b49\u5be6\u4f46\u76ee\u524d\u5c1a\u672a\u4fee\u88dc\u3002Adobe\u627f\u8afe\u6703\u5728\u672c\u5468\u4fee\u88dc\u9019\u5169\u500b\u6f0f\u6d1e\u3002<\/p>\n<p>\u6b64\u5916\u6211\u5011\u4e5f\u89c0\u5bdf\u5230\u5df2\u7d93\u6709\u90e8\u5206\u53f0\u7063\u7db2\u7ad9\u906d\u53d7\u99ed\u5ba2\u5165\u4fb5\uff0c\u5229\u7528CVE-2015-5122\u6f0f\u6d1e\u690d\u5165\u5f8c\u9580\u7a0b\u5f0f\uff0c\u8da8\u52e2\u79d1\u6280\u7528\u6236\u53ea\u8981\u555f\u7528\u7db2\u9801\u4fe1\u8b7d\u8a55\u7b49\u670d\u52d9\uff0c\u5373\u53ef\u6514\u622a\u9019\u4e9b\u53d7\u99ed\u7db2\u7ad9\u3002<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Pawn Storm<\/strong><strong>\u653b\u64ca\u8207Java\u96f6\u6642\u5dee\u6f0f\u6d1e<\/strong><\/h3>\n<p>\u8ca0\u8cac<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=13294\">Pawn Storm\u76ee\u6a19\u5f0f\u653b\u64ca\u6d3b\u52d5<\/a>\u7684\u8da8\u52e2\u79d1\u6280\u5a01\u8105\u7814\u7a76\u5c08\u5bb6\uff0c\u5728\u6b64\u653b\u64ca\u6d3b\u52d5\u4e2d\u767c\u73fe\u4e86\u4e00\u500b\u65b0\u7684Oracle Java\u96f6\u6642\u5dee\u6f0f\u6d1e\u906d\u53d7\u5230\u653b\u64ca\u3002\u6839\u64da<a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=2651&amp;name=20110916\">\u8da8\u52e2\u79d1\u6280<\/a><a href=\"https:\/\/www.trendmicro.com.tw\/edm\/Tracking.asp?id=1244&amp;name=20090817\">\u4e3b\u52d5\u5f0f\u96f2\u7aef\u622a\u6bd2\u670d\u52d9\u00a0 Smart Protection Network<\/a>\u5206\u6790\uff0c\u9019\u4e9b\u653b\u64ca\u662f\u900f\u904e\u9b5a\u53c9\u5f0f\u7db2\u8def\u91e3\u9b5a<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=136\">\u7db2\u8def\u91e3\u9b5a\uff08Phishing\uff09<\/a>\u4fe1\u4ef6\u9032\u884c\uff0c\u5728\u4fe1\u4ef6\u4e2d\u542b\u6709\u60e1\u610fURL\u6307\u5411\u60e1\u610f\u4f3a\u670d\u5668\uff0c\u9032\u800c\u653b\u64ca\u672a\u4fee\u88dc\u7684Java\u6f0f\u6d1e\u3002<\/p>\n<p>\u9019\u4e9b\u884c\u52d5\u540c\u6642\u6703\u653b\u64ca\u4e00\u500b\u4e09\u5e74\u524d\u5df2\u63ed\u9732\u7684\u5fae\u8edfWindows Common Controls\u6f0f\u6d1eCVE-2012-015\uff08<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/threat-encyclopedia\/vulnerability\/1924\/ms12027-vulnerability-in-windows-common-controls-could-allow-remote-code-execution-2664258\">MS12-027<\/a>\uff09\u3002<\/p>\n<ul>\n<li>\u8da8\u52e2\u79d1\u6280\u5df2\u5c07\u6b64\u4e00\u65b0\u7684\u96f6\u6642\u5dee\u6f0f\u6d1e\u56de\u5831\u7d66Oracle\u4e26\u8207\u5176\u5bc6\u5207\u5408\u4f5c\uff0c\u800cOracle\u4e5f\u5df2\u7d93\u7dca\u6025\u57282015\u5e747\u670814\u65e5\u91cb\u51fa\u4fee\u6b63\u7a0b\u5f0f\u4fee\u88dc\u6b64Java\u6f0f\u6d1e\u3002\u8a73\u7d30\u8cc7\u6599\u8acb\u53c3\u8003\uff1a<br \/>\n\u9032\u4e00\u6b65\u8cc7\u8a0a\u8acb\u53c3\u8003\uff1a<br \/>\n<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=13294\">Java\u96f6\u6642\u5dee\u6f0f\u6d1e\u518d\u73fe\uff0c\u9396\u5b9a\u5c08\u9580\u653b\u64ca\u8ecd\u4e8b\u55ae\u4f4d,\u653f\u5e9c\u6a5f\u95dc\u548c\u570b\u9632\u6a5f\u69cb<\/a><\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.oracle.com\/technetwork\/topics\/security\/cpujul2015-2367936.html\">Oracle 2015\u5e74\u4e03\u6708\u7dca\u6025\u66f4\u65b0\u5efa\u8b70<\/a><\/p>\n<p><strong><u>\u9632\u8b77\u63aa\u65bd <\/u><\/strong><br \/>\n\u8da8\u52e2\u79d1\u6280\u5df2\u6709\u89e3\u6c7a\u65b9\u6848\u9632\u8b77\u7528\u6236\u514d\u906d\u6b64\u6f0f\u6d1e\u653b\u64ca\uff1a<\/p>\n<ul>\n<li><strong>\u8da8\u52e2\u79d1\u6280Deep Security\u53caVulnerability Protection<\/strong>\uff08\u539fOfficeScan\u4e2d\u7684IDF\u6a21\u7d44\uff09\uff1a\u8acb\u5c07\u9632\u8b77\u898f\u5247\u4fdd\u6301\u66f4\u65b0\uff0c\u5373\u53ef\u63d0\u4f9b\u591a\u4e00\u5c64\u7684\u9632\u8b77\u3002\u5c24\u5176\u8da8\u52e2\u79d1\u6280\u66f4\u91cb\u51fa\u6700\u65b0\u4e3b\u52d5\u5f0f\u9632\u8b77\u898f\u5247\uff1a\n<ul>\n<li><strong>Deep Packet Inspection (DPI) rule1006824<\/strong> \u2013 Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability (addresses the already resolved CVE-2015-5119)<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<ul>\n<ul>\n<li><strong>Deep Packet Inspection (DPI) rule1006858<\/strong> \u2013 Adobe Flash ActionScript3 opaqueBackground Use After Free Vulnerability (CVE-2015-5122)<\/li>\n<\/ul>\n<\/ul>\n<ul>\n<ul>\n<li><strong>Deep Packet Inspection (DPI) rule1006859<\/strong> \u2013 Adobe Flash Player BitmapData Remote Code Execution Vulnerability (CVE-2015-5123)<\/li>\n<\/ul>\n<\/ul>\n<ul>\n<ul>\n<li><strong>Deep Packet Inspection (DPI) rule1006857<\/strong> \u2013 Oracle Java SE Remote Code Execution Vulnerability<\/li>\n<\/ul>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>\u8da8\u52e2\u79d1\u6280\u5f37\u70c8\u5efa\u8b70\u60a8\u5118\u901f\u5b89\u88dd\u539f\u5ee0\u6240\u91cb\u51fa\u7684\u5b89\u5168\u6027\u66f4\u65b0\u6216\u4fee\u88dc\u7a0b\u5f0f\u3002\u5982\u679c\u60a8\u6709\u5176\u4ed6\u554f\u984c\u6216\u662f\u9700\u8981\u9032\u4e00\u6b65\u5354\u52a9\uff0c\u8acb\u60a8\u806f\u7d61\u8da8\u52e2\u79d1\u6280\u6280\u8853\u652f\u63f4\u90e8\u3002<\/p>\n<p>\u5ef6\u4f38\u95b1\u8b80:<\/p>\n<ul>\n<li><a href=\"https:\/\/blog.trendmicro.com.tw\/?p=13261\">\u53c8\u4f86\u4e86!! Hacking Team \u8cc7\u6599\u5916\u6d29\u6dfb\u65b0\u7684 Adobe Flash \u96f6\u6642\u5dee\u6f0f\u6d1e (CVE-2015-5123)<\/a><\/li>\n<li style=\"font-style: inherit; font-weight: inherit;\"><a style=\"font-style: inherit; font-weight: inherit;\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=13251\">Hacking Team \u8cc7\u6599\u5916\u6d29\u4e8b\u4ef6\u53c8\u4e00\u500bAdobe Flash Player \u6f0f\u6d1e\u96f6\u6642\u5dee\u6f0f\u6d1e\u66dd\u5149<\/a><\/li>\n<li style=\"font-style: inherit; font-weight: inherit;\"><a style=\"font-style: inherit; font-weight: inherit;\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=13211\">\u7576\u5fc3\u52d2\u7d22\u8edf\u9ad4\u5229\u7528Hacking Team \u5916\u6d29\u7684 Adobe Flash\u6f0f\u6d1e\u767c\u52d5\u653b\u64ca<\/a><\/li>\n<li style=\"font-style: inherit; font-weight: inherit;\"><a style=\"font-style: inherit; font-weight: inherit;\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=13202\">Hacking Team \u7684 Flash \u96f6\u6642\u5dee\u6f0f\u6d1e\u653b\u64ca,\u5df2\u88ab\u6536\u9304\u5230\u6f0f\u6d1e\u653b\u64ca\u5957\u4ef6!<\/a><\/li>\n<li style=\"font-style: inherit; font-weight: inherit;\"><a style=\"font-style: inherit; font-weight: inherit;\" href=\"https:\/\/blog.trendmicro.com.tw\/?p=13185\">\u5099\u6536\u722d\u8b70\u7684 Hacking Team \u88ab\u99ed ! \u6d41\u51fa\u8cc7\u6599\u4e2d\u767c\u73fe Flash\u96f6\u6642\u5dee\u6f0f\u6d1e\u653b\u64ca\u7a0b\u5f0f<\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>\u60f3\u4e86\u89e3\u66f4\u591a\u95dc\u65bc\u7db2\u8def\u5b89\u5168\u7684\u79d8\u8a23\u548c\u5efa\u8b70\uff0c\u53ea\u8981\u5230<a href=\"https:\/\/www.facebook.com\/trendmicrotaiwan\">\u8da8\u52e2\u79d1\u6280\u7c89\u7d72\u7db2\u9801<\/a> \u6216\u4e0b\u9762\u7684\u6309\u9215\u6309\u8b9a<\/p>\n<p><iframe loading=\"lazy\" style=\"border: none; overflow: hidden; width: 350px; height: 62px;\" src=\"https:\/\/www.facebook.com\/plugins\/likebox.php?id=255176705131&amp;width=350&amp;connections=0&amp;stream=false&amp;header=false&amp;height=62\" width=\"300\" height=\"150\" frameborder=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<p><span style=\"color: red;\"><b>\u300a\u63d0\u9192\u300b<\/b><span style=\"color: #000000;\">\u5c07\u6ed1\u9f20\u6e38\u6a19\u79fb\u52d5\u5230\u53f3\u4e0a\u65b9\u7684<strong>\u300c\u5df2\u8aaa\u8b9a\u300d<\/strong>\u6b04\u4f4d\uff0c\u52fe\u9078<strong>\u300c\u6436\u5148\u770b\u300d<\/strong>\u9078\u9805\u3002\u5efa\u8b70\u4e5f\u53ef\u540c\u6642\u9078\u64c7<strong>\u63a5\u6536\u901a\u77e5<\/strong>\u548c<strong>\u65b0\u589e\u5230\u8208\u8da3\u4e3b\u984c\u6e05\u55ae,<\/strong>\u6700\u65b0\u8cbc\u6587\u5c31\u6703\u512a\u5148\u986f\u793a\u5728\u52d5\u614b\u6d88\u606f\u9802\u7aef\uff0c\u8b93\u4f60\u4e0d\u6703\u932f\u904e\u4efb\u4f55\u66f4\u65b0\u3002<\/span><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hacking Team\u8cc7\u6599\u5916\u6d29\u8207\u65b0\u7684Flash\u6f0f\u6d1e\u66f4\u65b0 \u4e0a\u9031\u8da8\u52e2\u79d1\u6280\u66fe\u7d93\u63d0\u9192\u7528\u6236\u4e00\u500b\u65b0\u7684\u96f6\u6642\u5deeAdobe F [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[156],"tags":[2202,2203,2204],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/13301"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=13301"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/13301\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=13301"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=13301"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=13301"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}