{"id":10009,"date":"2021-09-09T13:59:13","date_gmt":"2021-09-09T10:59:13","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=10009"},"modified":"2021-09-09T13:59:13","modified_gmt":"2021-09-09T10:59:13","slug":"cve-2021-40444-vulnerability-mshtml","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/cve-2021-40444-vulnerability-mshtml\/10009\/","title":{"rendered":"Internet Explorer vulnerability threatens Microsoft Office users"},"content":{"rendered":"<p>Microsoft has <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-40444\" target=\"_blank\" rel=\"noopener nofollow\">reported<\/a> a zero-day vulnerability, designated CVE-2021-40444, that allows <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/remote-code-execution-rce\/\" target=\"_blank\" rel=\"noopener\">remote execution of malicious code<\/a> on victims' computers. Worse, cybercriminals are currently using the vulnerability to attack Microsoft Office users. Microsoft therefore advises Windows network administrators to apply a temporary workaround until the company releases a patch.<\/p>\n<h2>CVE-2021-40444 details<\/h2>\n<p>The vulnerability is in Internet Explorer's MSHTML engine. 
Although very few people use IE these days (even Microsoft strongly recommends switching to its newer browser, Edge), the old browser remains a component of modern operating systems, and some other programs use IE's engine to handle Web content. In particular, Microsoft Office applications such as Word and PowerPoint rely on it.<\/p>\n<h2>How are attackers exploiting CVE-2021-40444?<\/h2>\n<p>The attacks appear as malicious ActiveX controls embedded in Microsoft Office documents. The controls enable the execution of arbitrary code; the documents most likely arrive as e-mail attachments.<\/p>\n<p>As with any attached document, the attackers have to persuade victims, especially users with administrator privileges, to open the file.<\/p>\n<p>In theory, Microsoft Office opens documents downloaded from the Internet in Protected View or through Application Guard for Office, and either of these can prevent a CVE-2021-40444 attack. 
However, users can disable Microsoft's security mechanisms by clicking the Enable Editing button without thinking.<\/p>\n<div id=\"attachment_10011\" style=\"width: 875px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-10011\" class=\"wp-image-10011 size-full\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2021\/09\/09134658\/CVE-2021-40444-vulnerability-mshtml-notification.png\" alt=\"\" width=\"865\" height=\"35\"><p id=\"caption-attachment-10011\" class=\"wp-caption-text\">Protected View mode notification in Microsoft Word<\/p><\/div>\n<h2>How do you protect your company from CVE-2021-40444?<\/h2>\n<p>Microsoft has pledged to investigate the issue and, if necessary, release an official patch. That said, we do not expect a patch before September 14, the date of the next Patch Tuesday. Under normal circumstances, the company does not announce a vulnerability before releasing its fix, but because cybercriminals are already exploiting CVE-2021-40444, Microsoft recommends applying a temporary workaround immediately.<\/p>\n<p>The workaround involves prohibiting the installation of new ActiveX controls, which you can do by adding a few keys to the system registry. 
Microsoft provides <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-40444\" target=\"_blank\" rel=\"noopener nofollow\">detailed information about the vulnerability<\/a>, including a Workarounds section (where you can also learn how to disable the workaround once you no longer need it). According to Microsoft, the workaround does not affect the performance of ActiveX controls that are already installed.<\/p>\n<p>For our part, we recommend:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security\/mail-server?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">Installing a security solution at the corporate mail gateway level<\/a> or <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security\/microsoft-office-365-security?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder____kso365___\" target=\"_blank\" rel=\"noopener\">strengthening the standard security mechanisms of Microsoft Office 365<\/a> to protect the corporate e-mail service against attacks;<\/li>\n<li>Equipping all employee computers with <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">security solutions<\/a> capable of detecting exploitation of the vulnerability;<\/li>\n<li>Regularly raising 
<a href=\"https:\/\/k-asap.com\/tr\/?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______&amp;utm_source=kdaily&amp;utm_medium=blog&amp;utm_campaign=tr_wpplaceholder_nv0092&amp;utm_content=link&amp;utm_term=tr_kdaily_organic_avmwswubv8qh92b\" target=\"_blank\" rel=\"noopener\">employee awareness<\/a> of modern cyberthreats, and in particular reminding employees never to open documents from untrusted sources, let alone turn on editing mode, unless they have to.<\/li>\n<\/ul>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kasap\">\n<p>\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>An unpatched vulnerability in the MSHTML engine is enabling attacks that target Microsoft Office users.
<\/p>\n","protected":false},"author":2581,"featured_media":10010,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194],"tags":[2471,790,1987,38,1912],"class_list":{"0":"post-10009","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"tag-activex","10":"tag-guvenlik-aciklari","11":"tag-internet-explorer","12":"tag-microsoft","13":"tag-office"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/cve-2021-40444-vulnerability-mshtml\/10009\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/cve-2021-40444-vulnerability-mshtml\/23260\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/cve-2021-40444-vulnerability-mshtml\/18747\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/cve-2021-40444-vulnerability-mshtml\/9380\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/cve-2021-40444-vulnerability-mshtml\/25324\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/cve-2021-40444-vulnerability-mshtml\/23393\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/cve-2021-40444-vulnerability-mshtml\/22785\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/cve-2021-40444-vulnerability-mshtml\/25950\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/cve-2021-40444-vulnerability-mshtml\/25487\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/cve-2021-40444-vulnerability-mshtml\/31439\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/cve-2021-40444-vulnerability-mshtml\/41728\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/cve-2021-40444-vulnerability-mshtml\/17575\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/cve-2021-40444-vulnerability-mshtml\/18077\/"},{"
hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/cve-2021-40444-vulnerability-mshtml\/15213\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/cve-2021-40444-vulnerability-mshtml\/27287\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/cve-2021-40444-vulnerability-mshtml\/27506\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/cve-2021-40444-vulnerability-mshtml\/24309\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/cve-2021-40444-vulnerability-mshtml\/29645\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/cve-2021-40444-vulnerability-mshtml\/29439\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/guvenlik-aciklari\/","name":"g\u00fcvenlik a\u00e7\u0131klar\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10009","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2581"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=10009"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10009\/revisions"}],"predecessor-version":[{"id":10012,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10009\/revisions\/10012"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/10010"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=10009"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=10009"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspers
ky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=10009"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}