Ngaphambili thina mayelana nobungozi bosuku oluyiziro ku-Internet Explorer, okuvumela ukusebenzisa ifayela le-MHT elilungiselelwe ngokukhethekile ukulanda ulwazi kusuka kukhompyutha yomsebenzisi kuya kuseva ekude. Muva nje, lokhu kuba sengcupheni, okutholwe uchwepheshe wezokuphepha uJohn Page, kunqume ukuhlola nokufunda omunye uchwepheshe owaziwayo kulo mkhakha - uMitya Kolsek, umqondisi we-ACROS Security, inkampani yocwaningo lwezokuphepha, kanye nomsunguli wenkonzo ye-micropatch 0patch. Yena umlando ogcwele wophenyo lwayo, okubonisa ukuthi iMicrosoft yabubukela phansi kakhulu ubunzima benkinga.
Ngokudabukisayo, u-Kolsek ekuqaleni akakwazanga ukukhiqiza kabusha ukuhlasela okuchazwe futhi kwaboniswa uJohn, lapho asebenzisa i-Internet Explorer esebenza ku-Windows 7 ukulanda bese evula ifayela elinonya le-MHT. Nakuba umphathi wenqubo yakhe ebonisa ukuthi i-system.ini, okwakuhlelelwe ukuthi yebiwe kuye, yafundwa umbhalo ofihliwe efayeleni le-MHT, kodwa ayizange ithunyelwe kuseva ekude.
"Lokhu kubukeka njengesimo sakudala se-Web," kubhala u-Kolsek. “Lapho ifayela lamukelwe livela ku-inthanethi, izinhlelo zokusebenza ze-Windows ezisebenza kahle njengeziphequluli zewebhu namaklayenti e-imeyili engeza ilebula kufayela elinjalo efomini. enegama elithi Zone.Identifier equkethe iyunithi yezinhlamvu ZoneId = 3. Lokhu kwenza ezinye izinhlelo zokusebenza zazi ukuthi ifayela livela emthonjeni ongathenjwa ngakho kufanele livulwe kubhokisi lesihlabathi noma kwenye indawo ekhawulelwe."
Umcwaningi uqinisekise ukuthi i-IE empeleni isetha ilebula enjalo yefayela le-MHT elilandiwe. U-Kolsek wabe esezama ukulanda ifayela elifanayo esebenzisa i-Edge futhi alivule ku-IE, okuhlala kuwuhlelo oluzenzakalelayo lwamafayela e-MHT. Ngokungalindelekile, ukuxhaphaza kwasebenza.
Okokuqala, umcwaningi uhlole i-“mark-of-the-Web”, kwavela ukuthi i-Edge ibuye igcine umthombo wemvelaphi yefayela kokunye ukusakazwa kwedatha ngaphezu kwesihlonzi sezokuphepha, esingase siphakamise imibuzo ethile mayelana nobumfihlo balokhu. indlela. U-Kolsek ucabange ukuthi imigqa eyengeziwe ingase idide i-IE futhi iyivimbele ekufundeni i-SID, kodwa njengoba kuvela, inkinga yayikwenye indawo. Ngemva kokuhlaziya isikhathi eside, uchwepheshe wezokuphepha uthole imbangela ekufakweni okubili ohlwini lokulawula ukufinyelela okwengeze ilungelo lokufunda ifayela le-MHT kusevisi yesistimu ethile, u-Edge ayengeze lapho ngemva kokuyilayisha.
U-James Foreshaw ovela ethimbeni elizinikele lezinsuku eziyiziro labasengozini - Google Project Zero - ubhale ku-tweet ukuthi okufakiwe okungezwe yi-Edge kubhekisela ezihlonzi zokuphepha zeqembu zephakheji Microsoft.MicrosoftEdge_8wekyb3d8bbwe. Ngemva kokukhipha umugqa wesibili we-SID S-1-15-2 - * ohlwini lokulawula ukufinyelela lwefayela eliyingozi, ukuxhaphaza akusasebenzi. Ngenxa yalokho, ngandlela thile imvume engezwe yi-Edge ivumele ifayela ukuthi lidlule ibhokisi lesandbox ku-IE. Njengoba u-Kolsek nozakwabo basikisela, i-Edge isebenzisa lezi zimvume ukuvikela amafayela alandiwe ekufinyeleleni ngezinqubo ezithembeke kancane ngokusebenzisa ifayela endaweni engayodwa.
Okulandelayo, umcwaningi wayefuna ukuqonda kangcono ukuthi yini ebangela ukuthi uhlelo lwezokuphepha lwe-IE lwehluleke. Ukuhlaziywa okujulile kusetshenziswa insiza ye-Process Monitor kanye ne-IDA disassembler ekugcineni kwembule ukuthi ukulungiswa kwesethi ye-Edge kuvimbele umsebenzi we-Win Api i-GetZoneFromAlternateDataStreamEx ekufundeni ukusakaza kwefayela le-Zone.Identifier futhi kubuyise iphutha. Ku-Internet Explorer, iphutha elinjalo lapho kucelwa ilebula yezokuphepha yefayela bekungalindelekile nhlobo, futhi, ngokusobala, isiphequluli sicabange ukuthi iphutha lilingana neqiniso lokuthi ifayela alinalo uphawu “lophawu lwewebhu”, okwenza ukuthi ithenjwe ngokuzenzakalelayo, ngemva kokuthi kungani i-IE ivumele iskripthi esifihlwe kufayela le-MHT ukuthi sisebenzise futhi sithumele ifayela lendawo eliqondiwe kuseva ekude.
"Uyayibona indida lapha?" Kubuza uKolsek. "Isici sokuphepha esingabhaliwe esisetshenziswe yi-Edge sinciphise isici esikhona, ngokungangabazeki esibaluleke kakhulu (umaka-we-Web) ku-Internet Explorer."
Ngaphandle kokubaluleka okukhuphukile kokuba sengozini, okuvumela iskripthi esinonya ukuthi sisetshenziswe njengesikripthi esithenjwayo, akukho nkomba yokuthi iMicrosoft ihlose ukulungisa iphutha noma nini maduze, uma sike salungiswa. Ngakho-ke, sisancoma ukuthi, njengaku-athikili edlule, uguqule uhlelo oluzenzakalelayo lokuvula amafayela we-MHT kunoma yisiphi isiphequluli sesimanje.
Yiqiniso, ucwaningo lukaKolsek aluzange luhambe ngaphandle kwe-self-PR encane. Ekupheleni kwesihloko, ubonise isiqeshana esincane esibhalwe ngolimi lomhlangano esingasebenzisa insizakalo ye-0patch eyakhiwe inkampani yakhe. I-0patch ithola ngokuzenzakalelayo isofthiwe esengozini kukhompuyutha yomsebenzisi futhi isebenzise iziqephu ezincane kuyo ngokoqobo uma undiza. Isibonelo, esimweni esisichazile, i-0patch izongena esikhundleni somlayezo wephutha kumsebenzi we-GetZoneFromAlternateDataStreamEx ngenani elihambisana nefayela elingathenjwa elitholwe kunethiwekhi, ukuze i-IE ingavumeli noma yiziphi izikripthi ezifihliwe ukuthi zifakwe ngokuhambisana ne-built- kunqubomgomo yezokuphepha.
Source: 3dnews.ru