{"id":60312,"date":"2019-04-22T11:59:13","date_gmt":"2019-04-22T03:59:13","guid":{"rendered":"https:\/\/blog.trendmicro.com.tw\/?p=60312"},"modified":"2019-04-22T12:00:28","modified_gmt":"2019-04-22T04:00:28","slug":"ie%e7%80%8f%e8%a6%bd%e5%99%a8%e7%9a%84xxe%e9%9b%b6%e6%99%82%e5%b7%ae%e6%b3%a8%e5%85%a5%e6%bc%8f%e6%b4%9e%e6%9c%83%e8%ae%93%e9%a7%ad%e5%ae%a2%e7%ab%8a%e5%8f%96%e6%aa%94%e6%a1%88%e5%92%8c%e7%b3%bb","status":"publish","type":"post","link":"https:\/\/blog.trendmicro.com.tw\/?p=60312","title":{"rendered":"IE\u700f\u89bd\u5668\u7684XXE\u96f6\u6642\u5dee\u6ce8\u5165\u6f0f\u6d1e,\u6703\u8b93\u99ed\u5ba2\u7aca\u53d6\u6a94\u6848\u548c\u7cfb\u7d71\u8cc7\u8a0a"},"content":{"rendered":"\n<p><\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/03\/Vulnerability-200x200.jpg\" alt=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/03\/Vulnerability-200x200.jpg\"\/><\/figure><\/div>\n\n\n\n<p>\u8cc7\u5b89\u7814\u7a76\u54e1John Page\u6700\u8fd1<a href=\"https:\/\/hyp3rlinx.altervista.org\/advisories\/MICROSOFT-INTERNET-EXPLORER-v11-XML-EXTERNAL-ENTITY-INJECTION-0DAY.txt\">\u62ab\u9732<\/a>\u4e86\u4e00\u500b\u5fae\u8edfIE\u700f\u89bd\u5668\u7684XXE\uff08XML\u5916\u90e8\u5be6\u9ad4\uff09\u96f6\u6642\u5dee\u6ce8\u5165\u6f0f\u6d1e\u3002\u6839\u64da\u5831\u5c0e\uff0c\u99ed\u5ba2\u53ef\u4ee5\u5229\u7528\u6b64\u6f0f\u6d1e\u4f86\u7aca\u53d6\u6a5f\u5bc6\u8cc7\u8a0a\u6216\u5f9e\u53d7\u5bb3\u8005\u96fb\u8166\u53d6\u5f97\u6a94\u6848\u3002Page\u4f7f\u7528Windows 7\/10\u53caWindows Server 2012 R2\u66f4\u65b0\u7248\u7684\u6700\u65b0\u7248IE (11)\u700f\u89bd\u5668\u4f86\u6e2c\u8a66\u6b64\u6f0f\u6d1e\u3002\u6211\u5011\u6aa2\u8996\u4e86\u5b83\u7684\u653b\u64ca\u93c8\u4f86\u4e86\u89e3\u5b89\u5168\u6f0f\u6d1e\u7684\u904b\u4f5c\u539f\u7406\u4ee5\u53ca\u8a72\u5982\u4f55\u89e3\u6c7a\u3002<\/p>\n\n\n\n<p>XXE\u6ce8\u5165\u653b\u64ca\u6703\u5229\u7528\u5e36\u6709\u4e0d\u6b63\u5e38\u8a2d\u5b9aXML\u5916\u90e8\u5be6\u9ad4\u53c3\u7167\uff08<a href=\"https:\/\/cwe.mitre.org\/data\/definitions\/611.html\">CWE-611<\/a>\uff09\u7684XML\u89e3\u6790\u5668\u4f86\u5b58\u53d6\u672a\u7d93\u6388\u6b0a\u5167\u5bb9\u3002XXE\u6ce8\u5165\u9084\u6703\u5229\u7528\u914d\u7f6e\u4e0d\u7576\u7684\u6587\u4ef6\u985e\u578b\u5b9a\u7fa9\uff08<a href=\"https:\/\/cwe.mitre.org\/data\/definitions\/827.html\">CWE-827<\/a>\uff09 \u2013 \u88ab\u7528\u4f86\u5b9a\u7fa9\u6a19\u8a18\u8a9e\u8a00\uff08\u5982XML\uff09\u7684\u6587\u4ef6\u985e\u578b\u3002\u4f8b\u5982\u99ed\u5ba2\u53ef\u4ee5\u7528\u60e1\u610fXML\u6a94\u52a0\u4e0a\u5916\u90e8\u5be6\u9ad4\u53c3\u7167\u4f86\u5229\u7528\u201cfile:\/\/\u201d\u5354\u5b9a\u5b58\u53d6\u672c\u5730\u7aef\u6a94\u6848\uff0c\u6216\u7528\u201chttps:\/\/\u201d\u4f86\u5b58\u53d6\u7db2\u9801\u4f3a\u670d\u5668\u4e0a\u7684\u6a94\u6848\u3002<\/p>\n\n\n\n<!--more-->\n\n\n\n<p>Page\u6240\u56de\u5831\u7684\u6f0f\u6d1e\u6703\u5728\u958b\u555f\u7279\u88fdMIME HTML\u7db2\u9801\u5b58\u6a94\uff08.mht\uff09\u6a94\u6848\u4e26\u4e14\u4f7f\u7528\u8005\u8207\u700f\u89bd\u5668\u9032\u884c\u4e92\u52d5\u6642\u89f8\u767c\uff0c\u4f8b\u5982\u5728IE\u700f\u89bd\u5668\u5167\u7528Ctrl+K\u958b\u555f\u65b0\u5206\u9801\u6216\u7528Ctrl+P\u5217\u5370\u6a94\u6848\u3002\u4f46\u4f7f\u7528\u8005\u4e92\u52d5\u53ef\u4ee5\u900f\u904ewindow.print()\u7b49JavaScript\u51fd\u5f0f\u9032\u884c\u6a21\u64ec\u3002\u4e00\u65e6\u4f7f\u7528\u8005\u958b\u555f\u60e1\u610f.mht\u6a94\uff0c\u99ed\u5ba2\u5c31\u80fd\u5920\u5f9e\u4f7f\u7528\u8005\u7cfb\u7d71\u53d6\u5f97\u6a94\u6848\u3002\u8981\u6ce8\u610f\u7684\u662f\uff0c\u6b64\u6f0f\u6d1e\u8981\u653b\u64ca\u6210\u529f\u5f88\u5927\u7a0b\u5ea6\u4e0a\u4f9d\u8cf4\u65bc<a href=\"https:\/\/blog.trendmicro.com.tw\/?p=101\">\u793e\u4ea4\u5de5\u7a0b\uff08social engineering \uff09<\/a>\u3002\u4f8b\u5982\u99ed\u5ba2\u5fc5\u9808\u8a98\u9a19\u4f7f\u7528\u8005\u4e0b\u8f09\u60e1\u610f.mht\u6a94\u6848\u4e26\u624b\u52d5\u958b\u555f\u3002<\/p>\n\n\n\n<p>Page\u62ab\u9732\u4e86\u9019\u500b\u6f0f\u6d1e\uff0c\u540c\u6642\u6211\u5011\u4e5f\u5c07\u5206\u6790\u5206\u4eab\u7d66\u5fae\u8edf\uff0c\u5fae\u8edf\u767c\u5e03\u4e86\u6b64\u4e00\u5b98\u65b9\u8072\u660e\uff1a<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p><em>\u300c\u50c5\u50c5\u900f\u904eIE\u700f\u89bd\u5668\u7121\u6cd5\u9032\u884c\u9019\u7a2e\u60e1\u610f\u884c\u70ba\u3002\u653b\u64ca\u8005\u5fc5\u9808\u900f\u904e\u793e\u4ea4\u5de5\u7a0b\u8a98\u9a19\u6216\u8aaa\u670d\u4f7f\u7528\u8005\u4e0b\u8f09\u60e1\u610f\u6587\u4ef6\uff0c\u5982\u5783\u573e\u90f5\u4ef6\u9644\u4ef6\u6216\u7db2\u8def\u91e3\u9b5a\u6d3b\u52d5\u89f8\u767c\u4e0b\u8f09\u3002\u7136\u5f8c\u5fc5\u9808\u7528\u700f\u89bd\u5668\u958b\u555f\u8a72\u6a94\u6848\u3002\u70ba\u4e86\u9632\u6b62\u9019\u985e\u653b\u64ca\uff0c\u5fc5\u9808\u9075\u5faa\u826f\u597d\u7684\u7db2\u8def\u4f7f\u7528\u7fd2\u6163\uff0c\u6bd4\u65b9\u8aaa\u907f\u514d\u5f9e\u7db2\u8def\u4e0b\u8f09\u548c\u958b\u555f\u53ef\u7591\u6a94\u6848\u3002\u300d<\/em><\/p><\/blockquote>\n\n\n\n<p><strong><em>\u6f0f\u6d1e\u5f71\u97ff<\/em><\/strong><\/p>\n\n\n\n<p>\u99ed\u5ba2\u653b\u64ca\u6f0f\u6d1e\u6210\u529f\u5f8c\u53ef\u4ee5\u5b58\u53d6\u4f7f\u7528\u8005\u7cfb\u7d71\u5167\u7684\u654f\u611f\u6a94\u6848\u3002\u9084\u53ef\u80fd\u53d6\u5f97\u8b93\u4e4b\u5f8c\u9032\u884c\u66f4\u591a\u653b\u64ca\u6216\u653e\u5165\u66f4\u591a\u60e1\u610f\u7a0b\u5f0f\u7684\u5075\u5bdf\u8cc7\u8a0a\u3002\u4f8b\u5982\u99ed\u5ba2\u53ef\u4ee5\u53d6\u5f97\u96fb\u8166\u4e0a\u5b89\u88dd\u7684\u61c9\u7528\u7a0b\u5f0f\u3001\u7db2\u8def\u8a2d\u5b9a\u3001\u6b0a\u9650\u548c\u9632\u6bd2\u8edf\u9ad4\u7b49\u8a73\u7d30\u8cc7\u8a0a\u3002\u99ed\u5ba2\u63a5\u8457\u5c31\u80fd\u5229\u7528\u9019\u4e9b\u8cc7\u8a0a\u5728\u53d7\u5f71\u97ff\u7db2\u8def\u5167\u53d6\u5f97\u7acb\u8db3\u9ede\u3002<\/p>\n\n\n\n<p>XXE\u6ce8\u5165\u653b\u64ca\u4e26\u975e\u65b0\u5a01\u8105\uff0c\u4f46\u6703\u5e36\u4f86\u91cd\u5927\u7684\u8cc7\u5b89\u98a8\u96aa\u3002\u4e8b\u5be6\u4e0a\uff0cXXE\u653b\u64ca\u4e00\u76f4\u90fd<a href=\"https:\/\/www.owasp.org\/images\/b\/b0\/OWASP_Top_10_2017_RC2_Final.pdf\">\u5217\u5728<\/a>OWASP<a href=\"https:\/\/threatpost.com\/severe-php-exploit-threatens-wordpress-sites-with-remote-code-execution\/136649\/\">\u61c9\u7528\u7a0b\u5f0f<\/a>\u53ca\u5e38\u898b<a href=\"https:\/\/news.softpedia.com\/news\/rce-and-xxe-vulnerabilities-discovered-magento-495535.shtml\">\u5de5\u5177<\/a>\u548c\u8edf\u9ad4<a href=\"https:\/\/thehackernews.com\/2014\/04\/hacking-google-server-XML-External-Entity.html\">\u529f\u80fd<\/a>\u7684\u91cd\u5927\u8cc7\u5b89\u98a8\u96aa\u5217\u8868\u4e0a\u3002\u53e6\u4e00\u503c\u5f97\u6ce8\u610f\u7684\u662f.mht\u6a94\u88ab\u7528\u4f5c\u653b\u64ca\u5a92\u4ecb\uff0c\u56e0\u70ba\u5b83\u4e5f\u5e38\u88ab\u7528\u5728<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/cve-2016-3298-microsoft-fixes-another-ie-zero-day-used-in-adgholas\/\">\u6f0f\u6d1e\u653b\u64ca\u5305<\/a>\u548c<a href=\"https:\/\/blog.talosintelligence.com\/2016\/11\/fareit-spam-mht.html\">\u8cc7\u8a0a\u7aca\u53d6\u75c5\u6bd2<\/a>\u7b49\u5a01\u8105\u3002<\/p>\n\n\n\n<p><strong><em>\u653b\u64ca\u93c8\u5206\u6790<\/em><\/strong><\/p>\n\n\n\n<p>\u99ed\u5ba2\u60f3\u8981\u5229\u7528\u6b64\u6f0f\u6d1e\u5fc5\u9808\u5148\u5728\u7db2\u9801\u4f3a\u670d\u5668\u4e0a\u653e\u7f6e\u60e1\u610fXML\u6a94\u3002\u6b64XML\u6a94\u8981\u5728ENTITY\u6a19\u8a18\u5167\u6307\u5b9a\u8981\u5f9e\u4f7f\u7528\u8005\u7cfb\u7d71\u53d6\u5f97\u7684\u7279\u5b9a\u6a94\u6848\u3002\u540c\u6642\u9019\u500b\u6a94\u6848\u8981\u88ab\u4f7f\u7528\u8005\u5728\u96fb\u8166\u4e0a\u624b\u52d5\u958b\u555f\u7684\u60e1\u610fMHTML\u6a94\u53c3\u7167\u70ba\u5916\u90e8\u5be6\u9ad4\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/04\/xxe-injection-internet-explorer-1.png\" alt=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/04\/xxe-injection-internet-explorer-1.png\"\/><\/figure>\n\n\n\n<p><em>\u57161. <\/em><em>\u5f9e\u4f7f\u7528\u8005\u7cfb\u7d71<\/em><em>\u53d6\u5f97\u6307\u5b9a<\/em><em>\u6a94\u6848\u7684\u60e1\u610fXML<\/em><em>\u6a94<\/em><\/p>\n\n\n\n<p>\u653b\u64ca\u8005\u5fc5\u9808\u8aaa\u670d\u4f7f\u7528\u8005\u5f9e\u653b\u64ca\u5a92\u4ecb\uff08\u5982\u793e\u4ea4\u5de5\u7a0b\u5783\u573e\u90f5\u4ef6\u9644\u4ef6\u6a94\u6216<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/definition\/phishing\/\">\u7db2\u8def\u91e3\u9b5a<\/a>\uff09\u4e0b\u8f09\u60e1\u610fMHTML\u6a94\u6848\u3002\u63a5\u8457\u90f5\u4ef6\u5ba2\u6236\u7aef\u5fc5\u9808\u7528IE\u700f\u89bd\u5668\u958b\u555f\u60e1\u610f\u6a94\u6848\u3002\u8acb\u6ce8\u610f\uff0cIE\u700f\u89bd\u5668\u662f\u6240\u6709\u7248\u672cWindows\u958b\u555fMHTML\u6a94\u6848\u7684\u9810\u8a2d\u61c9\u7528\u7a0b\u5f0f\uff0c\u56e0\u6b64\u4f7f\u7528\u8005\u7121\u9700\u6307\u5b9a\u61c9\u7528\u7a0b\u5f0f\u3002\u5982\u57163\u6240\u793a\uff0c\u4e00\u65e6\u958b\u555f\u60e1\u610fMHTML\u6a94\uff0cIE\u700f\u89bd\u5668\u6703\u5411\u653b\u64ca\u8005\u7684\u4f3a\u670d\u5668\u767c\u9001GET\u8acb\u6c42\u4f86\u53d6\u5f97\u60e1\u610fXML\u6a94\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/04\/xxe-injection-internet-explorer-2.jpg\" alt=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/04\/xxe-injection-internet-explorer-2.jpg\"\/><\/figure>\n\n\n\n<p><em>\u57162. <\/em><em>\u7bc4\u4f8bMHTML<\/em><em>\u6a94<\/em><em>\u5229\u7528IE<\/em><em>\u700f\u89bd\u5668\u7684XXE<\/em><em>\u6f0f\u6d1e\u5f9e\u653b\u64ca\u8005\u96fb\u8166\u4e0b\u8f09\u60e1\u610fXML<\/em><em>\u6a94<\/em><\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/04\/xxe-injection-internet-explorer-3.png\" alt=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/04\/xxe-injection-internet-explorer-3.png\"\/><\/figure>\n\n\n\n<p><em>\u57163. <\/em><em>\u5f9e\u5ba2\u6236\u7aef\u767c\u9001\u5230\u653b\u64ca\u8005\u4f3a\u670d\u5668\u4f86\u53d6\u5f97\u60e1\u610fXML<\/em><em>\u6a94\u7684\u5c01\u5305\u64f7\u53d6<\/em><\/p>\n\n\n\n<p>\u5f9e\u57161\u53ef\u4ee5\u770b\u51fa\u60e1\u610fXML\u6a94\u5305\u542b\u6b32\u53d6\u5f97\u6a94\u6848\u7684\u8a73\u7d30\u8cc7\u8a0a\u4ee5\u53ca\u653b\u64ca\u8005\u4f3a\u670d\u5668\u7684URI\uff08\u7d71\u4e00\u8cc7\u6e90\u6a19\u8b58\u7b26\uff09\u3002\u653b\u64ca\u8005\u5728\u60e1\u610fXML\u6a94\u53c3\u7167\u7684\u6a94\u6848\u5167\u5bb9\u6703\u7528\u540c\u4e00XML\u6a94\u5167\u7684URI\u8def\u5f91\u9001\u56de\u653b\u64ca\u8005\u4f3a\u670d\u5668\u3002\u63a5\u8457\u986f\u793a\u5728\u653b\u64ca\u8005\u90a3\u4e00\u7aef\u3002<\/p>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/04\/xxe-injection-internet-explorer-4.png\" alt=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/files\/2019\/04\/xxe-injection-internet-explorer-4.png\"\/><\/figure>\n\n\n\n<p>\u57164\uff1a\u5f9e\u5ba2\u6236\u7aef\u5c07\u76ee\u6a19\u6a94\u6848\u5167\u5bb9\u767c\u9001\u5230\u653b\u64ca\u8005\u4f3a\u670d\u5668\u7684\u5c01\u5305\u64f7\u53d6<\/p>\n\n\n\n<p>\u8da8\u52e2\u79d1\u6280\u89e3\u6c7a\u65b9\u6848<\/p>\n\n\n\n<p>\u622a\u81f3\u672c\u6587\u64b0\u5beb\u6642\uff0c\u5fae\u8edf\u5c1a\u672a\u91dd\u5c0d\u6b64\u6f0f\u6d1e\u767c\u5e03\u4fee\u5fa9\u7a0b\u5f0f\u3002\u4f7f\u7528\u8005\u5728\u958b\u555f\u672a\u77e5\u4f86\u6e90\u7684\u4efb\u4f55\u6a94\u6848\u6642\u90fd\u61c9\u8a72\u8981<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/best-practices-identifying-and-mitigating-phishing-attacks\">\u5c0f\u5fc3\u8b39\u614e<\/a>\u3002\u8981\u5229\u7528\u6b64\u6f0f\u6d1e\u9700\u8981\u8a98\u9a19\u4f7f\u7528\u8005\u958b\u555f\u60e1\u610f\u6a94\u6848\u3002\u907f\u514d\u9ede\u64ca<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/infosec-guide-email-threats\">\u53ef\u7591\u4f86\u6e90<\/a>\u7684\u9023\u7d50\u6216\u4e0b\u8f09\u3001\u958b\u555f\u6a94\u6848\u3002\u78ba\u4fdd\u4f5c\u696d\u7cfb\u7d71\u53ca\u61c9\u7528\u7a0b\u5f0f\u66f4\u65b0\u5230\u6700\u65b0\u7248\u672c\uff08\u6216\u5728\u820a\u7cfb\u7d71\u4e0a\u4f7f\u7528<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/vulnerabilities-and-exploits\/virtual-patching-patch-those-vulnerabilities-before-they-can-be-exploited\">\u865b\u64ec\u4fee\u88dc\u6280\u8853<\/a>\uff09\u3002\u7cfb\u7d71\u7ba1\u7406\u54e1\u3001\u958b\u767c\u4eba\u54e1\u548c\u7a0b\u5f0f\u8a2d\u8a08\u5e2b\u4e5f\u5fc5\u9808\u9075\u5faa<a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cybercrime-and-digital-threats\/infosec-guide-web-injections\/\">\u6700\u4f73\u5be6\u4f5c<\/a>\u3002\u4f8b\u5982\uff0cOWASP\u6709\u4e00\u4efd\u9632\u6b62XXE\u554f\u984c\u7684\u5efa\u8b70<a href=\"https:\/\/github.com\/OWASP\/CheatSheetSeries\/blob\/master\/cheatsheets\/XML_External_Entity_Prevention_Cheat_Sheet.md\">\u5217\u8868<\/a>\u3002<\/p>\n\n\n\n<p>\u8da8\u52e2\u79d1\u6280\u7684<a href=\"\u8da8\u52e2\u79d1\u6280Deep%20Security\">Deep Security<\/a>\u548c <a href=\"https:\/\/www.trendmicro.tw\/tw\/enterprise\/product-security\/vulnerability-protection\/\">Vulnerability Protection<\/a> \u6f0f\u6d1e\u9632\u8b77\u53ef\u4ee5\u900f\u904e\u4ee5\u4e0bDPI\u898f\u5247\u4f86\u4fdd\u8b77\u4f7f\u7528\u8005\u7cfb\u7d71\u4e0d\u53d7\u6b64\u6f0f\u6d1e\u5a01\u8105\uff1a<\/p>\n\n\n\n<p>1005676 \u2013 Identified Download Of XML File\nWith External Entity Reference<\/p>\n\n\n\n<p>\u8da8\u52e2\u79d1\u6280\u7684<a href=\"https:\/\/www.trendmicro.com\/en_us\/business\/products\/network\/integrated-atp\/next-gen-intrusion-prevention-system.html\">TippingPoint<\/a>\u5ba2\u6236\u53ef\u900f\u904e\u4ee5\u4e0b<a href=\"https:\/\/www.trendmicro.com\/en_us\/business\/products\/network\/integrated-atp\/digital-vaccine.html\">MainlineDV<\/a>\u904e\u6ffe\u5668\u4f86\u4fdd\u8b77\u6b64\u6f0f\u6d1e\uff1a<\/p>\n\n\n\n<p>13855 \u2013 TCP: XML External Entity (XXE)\nUsage<\/p>\n\n\n\n<p>@\u539f\u6587\u51fa\u8655\uff1a<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/zero-day-xml-external-entity-xxe-injection-vulnerability-in-internet-explorer-can-let-attackers-steal-files-system-info\/?utm_source=feedburner&amp;utm_medium=email&amp;utm_campaign=Feed%3A+Anti-MalwareBlog+%28Trendlabs+Security+Intelligence+Blog%29\">Zero-day\nXML External Entity (XXE) Injection Vulnerability in IE\u700f\u89bd\u5668\nCan Let Attackers Steal Files, System Info<\/a>\n\u4f5c\u8005\uff1aRanga Duraisamy\u548cKassiane Westell\uff08<a href=\"https:\/\/blog.trendmicro.com\/trendlabs-security-intelligence\/author\/trend-micro\/\">\u8da8\u52e2\u79d1\u6280<\/a>\u6f0f\u6d1e\u7814\u7a76\u54e1\uff09<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u8cc7\u5b89\u7814\u7a76\u54e1John Page\u6700\u8fd1\u62ab\u9732\u4e86\u4e00\u500b\u5fae\u8edfIE\u700f\u89bd\u5668\u7684XXE\uff08XML\u5916\u90e8\u5be6\u9ad4\uff09\u96f6\u6642\u5dee\u6ce8\u5165\u6f0f\u6d1e\u3002\u6839\u64da\u5831\u5c0e\uff0c\u99ed [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_wpscppro_dont_share_socialmedia":false,"_wpscppro_custom_social_share_image":0,"_facebook_share_type":"","_twitter_share_type":"","_linkedin_share_type":"","_pinterest_share_type":"","_linkedin_share_type_page":"","_instagram_share_type":"","_medium_share_type":"","_threads_share_type":"","_google_business_share_type":"","_selected_social_profile":[],"_wpsp_enable_custom_social_template":false,"_wpsp_social_scheduling":{"enabled":false,"datetime":null,"platforms":[],"status":"template_only","dateOption":"today","timeOption":"now","customDays":"","customHours":"","customDate":"","customTime":"","schedulingType":"absolute"},"_wpsp_active_default_template":true},"categories":[156],"tags":[1512,2292],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/60312"}],"collection":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=60312"}],"version-history":[{"count":0,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/60312\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=60312"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=60312"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.trendmicro.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=60312"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}