{"id":5404,"date":"2018-11-19T16:58:41","date_gmt":"2018-11-19T13:58:41","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=5404"},"modified":"2019-11-15T14:36:38","modified_gmt":"2019-11-15T11:36:38","slug":"cve-2018-8589-vulnerability-detected","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/cve-2018-8589-vulnerability-detected\/5404\/","title":{"rendered":"CVE-2018-8589: Yeni bir g\u00fcn, yeni bir i\u015fletim sistemi g\u00fcvenlik a\u00e7\u0131\u011f\u0131"},"content":{"rendered":"<p>Bir ay \u00f6nce Microsoft Windows\u2019taki bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131n k\u00f6t\u00fcye kullan\u0131ld\u0131\u011f\u0131n\u0131 <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/vulnerability-in-windows-patched\/5307\/\" target=\"_blank\" rel=\"noopener\">buldu\u011fumuzu yazm\u0131\u015ft\u0131k<\/a>. Bu size tan\u0131d\u0131k gelebilir, ama proaktif teknolojilerimiz bir s\u0131f\u0131r g\u00fcn k\u00f6t\u00fcye kulan\u0131m\u0131 daha tespit etti. Bu k\u00f6t\u00fcye kullan\u0131m, yine i\u015fletim sisteminin daha \u00f6nceden bilinmeyen bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 hedef al\u0131yordu. Bu sefer yaln\u0131zca Windows 7 ve Windows Server 2008 risk alt\u0131nda.<\/p>\n<p>Ne var ki bu k\u0131s\u0131tlama, tehdidi daha az tehlikeli hale getirmiyor. Microsoft, Ocak 2015\u2019te Windows Server 2008\u2019e verdi\u011fi ana ak\u0131m deste\u011fi sonland\u0131rm\u0131\u015f ve Windows 10 piyasaya s\u00fcr\u00fcl\u00fcrken bedava g\u00fcncelleme sunmu\u015f olsa da, herkes bu g\u00fcncellemeyi yapmad\u0131. Hala deste\u011fi s\u00fcrd\u00fcrmek i\u00e7in yeterli say\u0131da m\u00fc\u015fterileri oldu\u011fu i\u00e7in geli\u015ftiriciler her iki sistem i\u00e7in de g\u00fcvenlik g\u00fcncellemeleri ve destek sunmaya devam ediyor (14 Ocak 2020\u2019ye kadar da devam etmeleri gerekiyor.)<\/p>\n<p>Uzmanlar\u0131m\u0131z Ekim sonunda k\u00f6t\u00fcye kullan\u0131m\u0131 tespit eder etmez g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 kan\u0131tlar\u0131yla birlikte Microsoft\u2019a bildirdi. Geli\u015ftiriciler 13 Kas\u0131m\u2019da derhal g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 kapad\u0131lar.<\/p>\n<h2>Bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131 ve do\u011furdu\u011fu k\u00f6t\u00fcye kullan\u0131ma dair bilmeniz gerekenler<\/h2>\n<p>Bu, win32k.sys s\u00fcr\u00fcc\u00fcs\u00fcnde s\u0131f\u0131r g\u00fcn ayr\u0131cal\u0131k y\u00fckseltme ile ilgili bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131. Bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 kullanan su\u00e7lular, ma\u011fdurun sisteminde kal\u0131c\u0131l\u0131k sa\u011flamak i\u00e7in gerekli ayr\u0131cal\u0131klar\u0131 kazanabiliyor.<\/p>\n<p>Bu k\u00f6t\u00fcye kullan\u0131m, ba\u015fta Orta Do\u011fu b\u00f6lgesinde olmak \u00fczere bir\u00e7ok APT sald\u0131r\u0131s\u0131nda kullan\u0131ld\u0131. Yaln\u0131zca Windows 7\u2019nin 32 bit s\u00fcr\u00fcmlerini hedef al\u0131yordu. Teknik verileri bu <a href=\"https:\/\/securelist.com\/a-new-exploit-for-zero-day-vulnerability-cve-2018-8589\/88845\/\" target=\"_blank\" rel=\"noopener\">Securelist g\u00f6nderisinde<\/a> bulabilirsiniz. Tehdit istihbarat raporlar\u0131m\u0131za abone olan kullan\u0131c\u0131lar, <a href=\"mailto:intelreports@kaspersky.com\" target=\"_blank\" rel=\"noopener\">intelreports@kaspersky.com<\/a> adresinden bizimle ileti\u015fim kurarak da sald\u0131r\u0131 hakk\u0131nda daha fazla bilgi edinebilir.<\/p>\n<h2>G\u00fcvenli\u011finizi nas\u0131l sa\u011flayabilirsiniz?<\/h2>\n<p>Bu a\u00e7\u0131dan yeni bir \u015fey yok; g\u00fcvenlik a\u00e7\u0131klar\u0131na kar\u015f\u0131 her zamanki tavsiyelerimize kulak vermeye devam edin:<\/p>\n<ul>\n<li><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8589\" target=\"_blank\" rel=\"noopener nofollow\">Vakit kaybetmeden Microsoft\u2019un d\u00fczeltme ekini y\u00fckleyin.<\/a><\/li>\n<li>\u015eirketinizin kulland\u0131\u011f\u0131 t\u00fcm yaz\u0131l\u0131mlar\u0131 d\u00fczenli olarak en son s\u00fcr\u00fcmlerine g\u00fcncelleyin.<\/li>\n<li>G\u00fcncel olmayan yaz\u0131l\u0131mlar\u0131, verilen destek sona ermeden \u00f6nce kullanmay\u0131 b\u0131rak\u0131n.<\/li>\n<li>G\u00fcncelleme s\u00fcre\u00e7lerini otomatik hale getirmek i\u00e7in g\u00fcvenlik a\u00e7\u0131\u011f\u0131 de\u011ferlendirme ve d\u00fczeltme eki y\u00f6netimi \u00f6zelliklerine sahip g\u00fcvenlik \u00fcr\u00fcnlerini kullan\u0131n.<\/li>\n<li>S\u0131f\u0131r g\u00fcn a\u00e7\u0131klar\u0131ndan yararlanan yaz\u0131l\u0131mlar dahil olmak \u00fczere bilinmeyen tehditlere kar\u015f\u0131 etkili koruma i\u00e7in davran\u0131\u015f tabanl\u0131 tespit \u00f6zelliklerine sahip dayan\u0131kl\u0131 g\u00fcvenlik \u00e7\u00f6z\u00fcmlerini kullan\u0131n.<\/li>\n<\/ul>\n<p>\u00d6nceden bilinmeyen bu tehdidi tespit ettikleri i\u00e7in proaktif teknolojilerimizin hakk\u0131n\u0131 vermek gerekti\u011fini de ekleyelim. Bu teknolojilerimiz, Kaspersky Anti Targeted Attack platformu i\u00e7in geli\u015ftirilen ileri koruma alan\u0131 ve k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mla m\u00fccadele motoru (\u00f6zel olarak APT tehditlerine kar\u015f\u0131 korumak i\u00e7in \u00fcretilmi\u015f bir \u00e7\u00f6z\u00fcm) ve i\u015fletmeler i\u00e7in Kaspersky Endpoint Security\u2019nin b\u00fct\u00fcnleyici alt sistemini olu\u015fturan otomatik k\u00f6t\u00fcye kullan\u0131m \u00f6nleme teknolojisiydi.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-trial-leadgen\">\n","protected":false},"excerpt":{"rendered":"<p>Proaktif teknolojilerimiz bir s\u0131f\u0131r g\u00fcn k\u00f6t\u00fcye kulan\u0131m\u0131 daha tespit etti. Bu k\u00f6t\u00fcye kullan\u0131m, yine i\u015fletim sisteminin daha \u00f6nceden bilinmeyen bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 hedef al\u0131yordu. <\/p>\n","protected":false},"author":700,"featured_media":5405,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[909,1737,1630,1226,1742,113],"class_list":{"0":"post-5404","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-acik","11":"tag-cve","12":"tag-endpoint","13":"tag-sistem-acigi","14":"tag-uc-nokta","15":"tag-windows"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/cve-2018-8589-vulnerability-detected\/5404\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/cve-2018-8589-vulnerability-detected\/13656\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/cve-2018-8589-vulnerability-detected\/17328\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/cve-2018-8589-vulnerability-detected\/16575\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/cve-2018-8589-vulnerability-detected\/21670\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/cve-2018-8589-vulnerability-detected\/24597\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/cve-2018-8589-vulnerability-detected\/11177\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/cve-2018-8589-vulnerability-detected\/11107\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/cve-2018-8589-vulnerability-detected\/10032\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/cve-2018-8589-vulnerability-detected\/18093\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/cve-2018-8589-vulnerability-detected\/21971\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/cve-2018-8589-vulnerability-detected\/17665\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/sistem-acigi\/","name":"sistem a\u00e7\u0131\u011f\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5404","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/700"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=5404"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5404\/revisions"}],"predecessor-version":[{"id":6886,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5404\/revisions\/6886"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/5405"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=5404"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=5404"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=5404"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}