NeChishanu, Kubvumbi 12, nyanzvi yezvekuchengetedza ruzivo John Peji yakaburitsa ruzivo nezve kusagadziriswa kusingagadziriswe mune yazvino vhezheni yeInternet Explorer, uye yakaratidzawo kuita kwayo. Kusagadzikana uku kunogona kuita kuti munhu anorwisa awane zviri mukati memafaira evashandisi veWindows, achipfuura chengetedzo yebrowser.
Kusagadzikana kuri pamabatiro anoita Internet Explorer mafaera eMHTML, kazhinji ayo ane .mht kana .mhtml extension. Iyi fomati inoshandiswa neInternet Explorer nekusarudzika kuchengetedza mapeji ewebhu, uye inobvumidza iwe kuchengetedza zvese zviri papeji pamwe chete nezvese midhiya zvirimo sefaira rimwe chete. Parizvino, mabhurawuza mazhinji emazuva ano haasisiri kuchengetedza mapeji ewebhu muMHT fomati uye anoshandisa yakajairwa WEB fomati - HTML, asi ivo vachiri kutsigira mafaera ekugadzirisa mune iyi fomati, uye vanogona kuishandisa zvakare kuchengetedza neakakodzera marongero kana kushandisa ekuwedzera.
Kusagadzikana kwakawanikwa naJohn ndeye XXE (XML eExternal Entity) kirasi yekusagadzikana uye ine zvisizvo zvigadziriso zveXML kodhi yekubata muInternet Explorer. "Kusagadzikana uku kunobvumira anorwisa ari kure kuti akwanise kuwana mafaera emunharaunda emushandisi uye, semuenzaniso, anobvisa ruzivo nezve vhezheni yesoftware yakaiswa pane system," inodaro Peji. "Saka mubvunzo we'c:Python27NEWS.txt' uchadzosa shanduro yechirongwa ichocho (muturikiri wePython pakadai)."
Sezvo muWindows mafaera ese eMHT achivhurwa muInternet Explorer nekusarudzika, kushandisa kusazvibata uku ibasa diki nekuti mushandisi anongoda kudzvanya kaviri pafaira rine njodzi rinogamuchirwa neemail, masocial network kana vatumwa pakarepo.
"Kazhinji, kana uchigadzira chiitiko cheActiveX chinhu, chakadai seMicrosoft.XMLHTTP, mushandisi achagamuchira yambiro yekuchengetedza muInternet Explorer iyo inokumbira kusimbiswa kuti ivhure izvo zvakavharwa," anotsanangura kudaro muongorori. "Zvisinei, pakuvhura faira rakafanogadzirirwa .mht uchishandisa ma tags ane manyorerwo akasarudzika mushandisi haagamuchire yambiro nezvezvinhu zvinogona kukuvadza."
Sekureva kwePeji, akabudirira kuyedza kusagadzikana mune yazvino vhezheni yeInternet Explorer 11 browser ine zvese zvazvino zvekuchengetedza zvigadziriso pa Windows 7, Windows 10 uye Windows Server 2012 R2.
Zvichida nhau dzakanaka chete mukuburitswa pachena kweveruzhinji nezvekusagadzikana uku inyaya yekuti Internet Explorer yaimbove yakanyanya musika mugove ikozvino yadonha kusvika pa7,34% chete, maererano neNetMarketShare. Asi sezvo Windows ichishandisa Internet Explorer sechishandiso chekuvhura MHT mafaera, vashandisi havafanire kuseta IE sebrowser yavo, uye vachiri panjodzi chero bedzi IE ichiripo pamasisitimu avo uye havabhadhare. kutarisisa kudhawunirodha mafomati mafaera paInternet.
Kudzoka munaKurume 27, John akazivisa Microsoft nezvekusagadzikana uku mubrowser yavo, asi muna Kubvumbi 10, muongorori akagamuchira mhinduro kubva kukambani, apo yakaratidza kuti haina kufunga kuti dambudziko iri rakakosha.
"Kugadzirisa kunongoburitswa neshanduro inotevera yechigadzirwa," Microsoft akadaro mutsamba. "Parizvino hatina hurongwa hwekuburitsa mhinduro yenyaya iyi."
Mushure memhinduro yakajeka kubva kuMicrosoft, muongorori akaburitsa ruzivo rwekusagadzikana kwezero-zuva pawebhusaiti yake, pamwe nekodhi yedemo uye vhidhiyo paYouTube.
Kunyangwe kuita kwekusagadzikana uku kusiri nyore uye kunoda neimwe nzira kumanikidza mushandisi kuti amhanye isingazivikanwe MHT faira, kusazvibata uku hakufanirwe kutorwa zvishoma kunyangwe kushaikwa kwemhinduro kubva kuMicrosoft. Mapoka eHacker akashandisa MHT mafaera ekubira uye kugovera malware munguva yakapfuura, uye hapana chinovamisa kuita izvozvi.
Nekudaro, kuti udzivise izvi uye nekusagadzikana kwakawanda kwakafanana, iwe unongoda kutarisisa kuwedzeredzwa kwemafaira aunogamuchira kubva kuInternet uye woatarisa neantivirus kana paVirusTotal webhusaiti. Uye kuti uwedzere kuchengetedzeka, ingoseta yako browser yaunofarira kunze kweInternet Explorer seyakagadzika application ye.mht kana .mhtml mafaera. Semuenzaniso, mukati Windows 10 izvi zvinoitwa nyore nyore mu "Sarudza akajairwa mafomu emhando dzefaira" menyu.
Source: 3dnews.ru