Undocumented Edge feature breaks Internet Explorer security

We previously wrote about a zero-day vulnerability discovered in Internet Explorer that allows a specially crafted MHT file to be used to upload information from the user's computer to a remote server. Recently this vulnerability, discovered by security researcher John Page, was examined and studied by another well-known specialist in the field: Mitja Kolsek, director of ACROS Security, a security auditing company, and co-founder of the micropatch service 0patch. He published a full account of his investigation, showing that Microsoft underestimated the severity of the problem.

Oddly enough, Kolsek was at first unable to reproduce the attack described and demonstrated by John, in which he used Internet Explorer running on Windows 7 to download and then open a malicious MHT file. His process manager showed that system.ini, the file that was to be stolen from his own machine, was read by the script hidden in the MHT file, but it was not sent to the remote server.

"This looked like a classic mark-of-the-Web situation," Kolsek writes. "When a file is received from the Internet, properly running Windows applications such as web browsers and email clients add a label to such a file in the form of an alternate data stream named Zone.Identifier containing the string ZoneId = 3. This lets other applications know that the file came from an untrusted source and should therefore be opened in a sandbox or other restricted environment."

The researcher confirmed that IE did indeed set such a label on the downloaded MHT file. Kolsek then tried downloading the same file with Edge and opening it in IE, which remains the default application for MHT files. Unexpectedly, the exploit worked.

First, the researcher checked the "mark-of-the-Web". It turned out that Edge also stores the file's origin in the alternate data stream in addition to the security identifier, which may raise some questions about the privacy of this approach. Kolsek speculated that the extra lines might have confused IE and prevented it from reading the SID, but as it turned out, the problem lay elsewhere. After a lengthy analysis, the security specialist found the cause in two entries in the access control list that granted the right to read the MHT file to a certain system service, entries that Edge added there after the download.

James Forshaw of Google Project Zero, the team dedicated to zero-day vulnerabilities, suggested in a tweet that the entries added by Edge refer to group security identifiers for the package Microsoft.MicrosoftEdge_8wekyb3d8bbwe. After the second line, SID S-1-15-2-*, was removed from the malicious file's access control list, the exploit no longer worked. It follows that the permission added by Edge somehow allowed the file to bypass the sandbox in IE. As Kolsek and his colleagues suggested, Edge uses these permissions to protect downloaded files from access by low-trust processes by running the file in a partially isolated environment.

Next, the researcher wanted to understand better what causes IE's security system to fail. An in-depth analysis using the Process Monitor utility and the IDA disassembler eventually revealed that the permissions set by Edge prevented the Win API function GetZoneFromAlternateDataStreamEx from reading the Zone.Identifier file stream, so the function returned an error. For Internet Explorer, such an error when requesting a file's security label was completely unexpected. Apparently the browser treated the error as equivalent to the file having no "mark-of-the-Web" label, which makes the file trusted, and that is why IE allowed the script hidden in the MHT file to execute and send the targeted local file to the remote server.

"Do you see the irony here?" asks Kolsek. "An undocumented security feature used by Edge neutralized an existing, undoubtedly much more important feature (mark-of-the-Web) in Internet Explorer."

Despite the increased severity of the vulnerability, which allows a malicious script to be run as a trusted one, there is no indication that Microsoft intends to fix the bug any time soon, if it is fixed at all. We therefore still recommend, as in the previous article, that you change the default program for opening MHT files to any modern browser.

Of course, Kolsek's research did not go without a little self-PR. At the end of the article he demonstrated a small patch written in assembly language that can be applied through the 0patch service developed by his company. 0patch automatically detects software on the user's computer and applies small patches to it on the fly. In the case we described, for example, 0patch replaces the error result in the GetZoneFromAlternateDataStreamEx function with a value corresponding to an untrusted file received from the network, so that IE does not allow any hidden script to execute, in line with its built-in security policy.
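The failure mode described above (an unreadable Zone.Identifier stream handled as if it were a missing one) and the behaviour the micropatch aims for, modelled in Python as an added example. It is not code from Internet Explorer, 0patch or the original article; the function names, the sample stream and the simulated readers are assumptions made for illustration.

```python
# Added illustration: a model of the zone lookup, not IE's or 0patch's code.
import configparser

ZONE_LOCAL_MACHINE = 0  # no mark: file is treated as local and trusted
ZONE_INTERNET = 3       # the ZoneId=3 value quoted in the article

# Constructed sample stream; the URL lines stand in for the origin data Edge adds.
EDGE_STREAM = (
    "[ZoneTransfer]\n"
    "ZoneId=3\n"
    "ReferrerUrl=https://example.test/\n"
    "HostUrl=https://example.test/sample.mht\n"
)

def parse_zone_identifier(text):
    """Return the ZoneId stored in the text of a Zone.Identifier stream."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep the key case as written
    cp.read_string(text)
    return int(cp["ZoneTransfer"]["ZoneId"])

def read_ads(path):
    """Read the stream on NTFS, where it is addressed as '<file>:Zone.Identifier'."""
    with open(path + ":Zone.Identifier", encoding="utf-8", errors="replace") as f:
        return f.read()

def zone_fail_open(path, read=read_ads):
    """The flawed pattern: every lookup error is taken to mean 'no mark'."""
    try:
        return parse_zone_identifier(read(path))
    except Exception:
        return ZONE_LOCAL_MACHINE

def zone_fail_closed(path, read=read_ads):
    """Only an absent stream means 'no mark'; an unreadable one means Internet."""
    try:
        return parse_zone_identifier(read(path))
    except FileNotFoundError:
        return ZONE_LOCAL_MACHINE
    except (OSError, KeyError, ValueError, configparser.Error):
        return ZONE_INTERNET

def denied(path):   # constructed stand-in for the ACL that blocks the read
    raise PermissionError(13, "Access is denied", path)

def absent(path):   # constructed stand-in for a file that was never marked
    raise FileNotFoundError(2, "No such stream", path)

def compare(read):
    """Return (fail-open zone, fail-closed zone) for one reader."""
    return zone_fail_open("sample.mht", read), zone_fail_closed("sample.mht", read)
```

Calling `compare(denied)` shows the two policies disagreeing only in the access-denied case, which is the case the article is about.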



Source: 3dnews.ru
