{"id":5489,"date":"2018-12-19T14:39:18","date_gmt":"2018-12-19T11:39:18","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=5489"},"modified":"2019-11-15T14:35:23","modified_gmt":"2019-11-15T11:35:23","slug":"cve-2018-8611-detected","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/cve-2018-8611-detected\/5489\/","title":{"rendered":"\u00c7ekirdek \u0130\u015flem Y\u00f6neticisi&#8217;nde g\u00fcvenlik a\u00e7\u0131\u011f\u0131 tespit edildi"},"content":{"rendered":"<p>Siber su\u00e7lular, Windows\u2019u stres testine tabi tutmaya devam ederken koruyucu teknolojilerimiz de sald\u0131rganlar\u0131n giri\u015fimlerini tespit edip a\u00e7\u0131klardan yararlanmalar\u0131n\u0131 \u00f6nl\u00fcyor. Bu, ge\u00e7ti\u011fimiz \u00fc\u00e7 ay i\u00e7inde ke\u015ffetti\u011fimiz <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/vulnerability-in-windows-patched\/5307\/\" target=\"_blank\" rel=\"noopener\">ilk<\/a> ya da <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/cve-2018-8589-vulnerability-detected\/5404\/\" target=\"_blank\" rel=\"noopener\">ikinci<\/a> sald\u0131r\u0131 de\u011fil. Sistemlerimiz, bu sefer Windows \u00c7ekirdek \u0130\u015flem Y\u00f6neticisi\u2019nde bulunan bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan yararlanma giri\u015fimini tespit etti.<\/p>\n<p>Bu yeni s\u0131f\u0131r g\u00fcn a\u00e7\u0131\u011f\u0131ndan yararlanan yaz\u0131l\u0131m, Orta Do\u011fu ve Asya\u2019daki bir\u00e7ok ki\u015fiye kar\u015f\u0131 kullan\u0131ld\u0131. Yaz\u0131l\u0131m\u0131n taraf\u0131ndan kullan\u0131lan CVE-2018-8611 ad\u0131ndaki g\u00fcvenlik a\u00e7\u0131\u011f\u0131, Windows \u00e7ekirde\u011finin bellekteki nesneleri uygun bir \u015fekilde i\u015fleyemedi\u011fi durumlarda ayr\u0131cal\u0131\u011f\u0131n y\u00fckseltilmesine izin veriyor. Bunun sonucunda k\u00f6t\u00fc ama\u00e7l\u0131 sald\u0131rganlar, \u00e7ekirdek modunda rastgele kodlar y\u00fcr\u00fctebiliyor.<\/p>\n<p>Yani bu durum, pratikte sald\u0131rganlar\u0131n program y\u00fckleyebilmesi, verileri de\u011fi\u015ftirebilmesi veya g\u00f6r\u00fcnt\u00fcleyebilmesi hatta yeni hesaplar olu\u015fturabilmesi anlam\u0131na geliyor. Uzmanlar\u0131m\u0131za g\u00f6re a\u00e7\u0131klardan yararlanan yaz\u0131l\u0131m, Chrome ve Edge gibi modern Web taray\u0131c\u0131lar\u0131nda korumal\u0131 alandan \u00e7\u0131kmak i\u00e7in de kullan\u0131labilir. Teknik ayr\u0131nt\u0131lar i\u00e7in bu <a href=\"https:\/\/securelist.com\/zero-day-in-windows-kernel-transaction-manager-cve-2018-8611\/89253\/\" target=\"_blank\" rel=\"noopener\">Securelist makalesini inceleyebilirsiniz<\/a>. CVE-2018-8611 ve bu a\u00e7\u0131ktan yararlanmaya \u00e7al\u0131\u015fan akt\u00f6rlerle ilgili daha ayr\u0131nt\u0131l\u0131 bilgiler, Kaspersky Intelligence Reports m\u00fc\u015fterilerine sunulur, bunun i\u00e7in <a href=\"mailto:intelreports@kaspersky.com\" target=\"_blank\" rel=\"noopener\">intelreports@kaspersky.com<\/a> ile ileti\u015fime ge\u00e7ebilirsiniz.<\/p>\n<p>Uzmanlar\u0131m\u0131z, bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 geli\u015ftiricilere bildirdi ve Microsoft, Windows \u00e7ekirde\u011finin bellekteki nesneleri i\u015fleme \u015feklini d\u00fczelten ilgili d\u00fczeltme ekini yay\u0131nlad\u0131.<\/p>\n<h2>G\u00fcvenli\u011finizi nas\u0131l sa\u011flayabilirsiniz?<\/h2>\n<p>Bu vakada da yine t\u00fcm g\u00fcvenlik a\u00e7\u0131klar\u0131na y\u00f6nelik genel tavsiyemizi verebiliriz:<\/p>\n<ul>\n<li>\u015eu anda a\u00e7\u0131klardan yararlanan bu yaz\u0131l\u0131m\u0131n az say\u0131da kurban\u0131 oldu\u011fu i\u00e7in kendinizi g\u00fcvende hissetmeyin. G\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131n ortaya \u00e7\u0131kar\u0131lmas\u0131ndan itibaren daha \u00e7ok siber su\u00e7lu, bu a\u00e7\u0131ktan faydalanmaya \u00e7al\u0131\u015fabilir. Dolay\u0131s\u0131yla <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8611\" target=\"_blank\" rel=\"noopener nofollow\">d\u00fczeltme ekini derhal y\u00fckleyin<\/a>.<\/li>\n<li>\u015eirketinizin kulland\u0131\u011f\u0131 t\u00fcm yaz\u0131l\u0131mlar\u0131 d\u00fczenli olarak g\u00fcncelleyin.<\/li>\n<li>Otomatik g\u00fcvenlik a\u00e7\u0131\u011f\u0131 de\u011ferlendirme ve d\u00fczeltme eki y\u00f6netimi \u00f6zelliklerine sahip g\u00fcvenlik \u00fcr\u00fcnlerini tercih edin.<\/li>\n<li>S\u0131f\u0131r g\u00fcn a\u00e7\u0131klar\u0131ndan yararlanan yaz\u0131l\u0131mlar dahil olmak \u00fczere bilinmeyen tehditlere kar\u015f\u0131 etkili koruma i\u00e7in davran\u0131\u015f tabanl\u0131 tespit \u00f6zelliklerine sahip g\u00fcvenlik \u00e7\u00f6z\u00fcmlerini kullan\u0131n.<\/li>\n<\/ul>\n<p>Koruyucu teknolojilerimiz, a\u00e7\u0131klardan yararlanan bu yaz\u0131l\u0131mla kar\u015f\u0131la\u015fmadan \u00f6nce s\u00f6z konusu g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131n bilinmedi\u011fini tekrar hat\u0131rlatmakta fayda var. Dolay\u0131s\u0131yla g\u00fcvenli\u011finizi sa\u011flayabilecek baz\u0131 \u00fcr\u00fcnler \u00f6nerebiliriz. \u0130lk \u00f6nerimiz, APT tehditlerine kar\u015f\u0131 koruma sa\u011flamak i\u00e7in \u00f6zel olarak tasarlanan \u00e7\u00f6z\u00fcm\u00fcm\u00fcz Kaspersky Anti Targeted Attack Platform\u2019dur. Bu \u00e7\u00f6z\u00fcm, geli\u015fmi\u015f korumal\u0131 alan teknolojisine ve k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlara kar\u015f\u0131 koruma motoruna sahiptir. \u0130kinci \u00f6nerimiz ise g\u00fcvenlik a\u00e7\u0131klar\u0131ndan yararlanan yaz\u0131l\u0131mlar\u0131 otomatik olarak \u00f6nleme teknolojisine sahip olan Kaspersky Endpoint Security for Business \u00e7\u00f6z\u00fcm\u00fcd\u00fcr. CVE-2018-8611 g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 tespit eden de bu teknolojidir.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-trial-leadgen\">\n","protected":false},"excerpt":{"rendered":"<p>Siber su\u00e7lular, Windows&#8217;u stres testine tabi tutmaya devam ederken koruyucu teknolojilerimiz de sald\u0131rganlar\u0131n giri\u015fimlerini tespit edip a\u00e7\u0131klardan yararlanmalar\u0131n\u0131 \u00f6nl\u00fcyor. Bu, ge\u00e7ti\u011fimiz \u00fc\u00e7 ay i\u00e7inde ke\u015ffetti\u011fimiz ilk ya da ikinci sald\u0131r\u0131 de\u011fil. <\/p>\n","protected":false},"author":700,"featured_media":5490,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[1786,1737,1630,1785,1226,1742,113],"class_list":{"0":"post-5489","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-cekirdek-islem-yoneticisi","11":"tag-cve","12":"tag-endpoint","13":"tag-kernel","14":"tag-sistem-acigi","15":"tag-uc-nokta","16":"tag-windows"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/cve-2018-8611-detected\/5489\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/cve-2018-8611-detected\/14911\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/cve-2018-8611-detected\/12492\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/cve-2018-8611-detected\/16833\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/cve-2018-8611-detected\/15040\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/cve-2018-8611-detected\/13874\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/cve-2018-8611-detected\/17543\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/cve-2018-8611-detected\/16710\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/cve-2018-8611-detected\/21867\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/cve-2018-8611-detected\/24972\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/cve-2018-8611-detected\/11274\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/cve-2018-8611-detected\/10153\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/cve-2018-8611-detected\/18258\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/cve-2018-8611-detected\/22160\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/cve-2018-8611-detected\/23561\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/cve-2018-8611-detected\/17745\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/cve-2018-8611-detected\/21800\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/cve-2018-8611-detected\/21749\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/sistem-acigi\/","name":"sistem a\u00e7\u0131\u011f\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5489","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/700"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=5489"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5489\/revisions"}],"predecessor-version":[{"id":6871,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5489\/revisions\/6871"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/5490"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=5489"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=5489"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=5489"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}