{"id":8005,"date":"2020-03-27T11:38:28","date_gmt":"2020-03-27T08:38:28","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=8005"},"modified":"2020-04-15T11:58:09","modified_gmt":"2020-04-15T08:58:09","slug":"windows-adobe-type-manager-vulnerability","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/windows-adobe-type-manager-vulnerability\/8005\/","title":{"rendered":"Adobe Type Manager Kitapl\u0131\u011f\u0131&#8217;ndaki s\u0131f\u0131r g\u00fcn g\u00fcvenlik a\u00e7\u0131klar\u0131 birden \u00e7ok Windows i\u015fletim sistemini etkiliyor"},"content":{"rendered":"<p><strong>Bu yaz\u0131 14 Nisan tarihinde g\u00fcncellenmi\u015ftir<\/strong><\/p>\n<p>Microsoft, Adobe Type Manager Kitapl\u0131\u011f\u0131\u2019ndaki iki yeni g\u00fcvenlik a\u00e7\u0131\u011f\u0131 hakk\u0131nda <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/adv200006\" target=\"_blank\" rel=\"noopener nofollow\">bir uyar\u0131 yay\u0131mlad\u0131<\/a>. Dahas\u0131, verilen bilgilere g\u00f6re baz\u0131 sald\u0131rganlar zaten hedefli sald\u0131r\u0131larda bu a\u00e7\u0131klar\u0131 kullan\u0131yor. 14 Nisan\u2019da Microsoft <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-1020\" target=\"_blank\" rel=\"noopener nofollow\">bir g\u00fcncelleme yay\u0131mlayarak<\/a> bu a\u00e7\u0131\u011f\u0131 yamad\u0131.<\/p>\n<h2>Adobe Type Manager Kitapl\u0131\u011f\u0131 nedir ve nas\u0131l g\u00fcvenlik a\u00e7\u0131klar\u0131 vard\u0131r?<\/h2>\n<p>Windows\u2019ta tescilli Adobe yaz\u0131 tiplerini g\u00f6rmek i\u00e7in Adobe Type Manager isminde ek bir yaz\u0131l\u0131m y\u00fcklemeniz gereken bir d\u00f6nem vard\u0131. Bu durum son kullan\u0131c\u0131lar i\u00e7in \u00e7ok da uygun de\u011fildi, bu y\u00fczden Adobe sonunda formatlar\u0131n\u0131n \u00f6zelliklerini a\u00e7t\u0131 ve Microsoft yaz\u0131 tipi deste\u011fini i\u015fletim sistemlerine kurdu. <strong>Windows Adobe Type Manager Kitapl\u0131\u011f\u0131\u2019n\u0131n<\/strong> kullan\u0131m amac\u0131 da tam olarak bu.<\/p>\n<p>Microsoft\u2019a g\u00f6re sorun, kitapl\u0131\u011f\u0131n belirli bir bi\u00e7imdeki (Adobe Type 1 PostScript yaz\u0131 tipleri) yaz\u0131 tiplerini i\u015fleme bi\u00e7imiyle ilgili. Sald\u0131rgan, bir Type 1 PostScript yaz\u0131 tipini, bir Windows makinesinde rastgele bir kod y\u00fcr\u00fctme yetene\u011fi kazanacak \u015fekilde olu\u015fturabilir. G\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan yararlanmak i\u00e7in birka\u00e7 sald\u0131r\u0131 vekt\u00f6r\u00fc vard\u0131r. Sald\u0131rganlar bir \u015fekilde kurban\u0131 k\u00f6t\u00fc ama\u00e7l\u0131 bir belge a\u00e7maya veya temel olarak bir \u201c\u00d6nizleme B\u00f6lmesi\u201d (bu, Microsoft Outlook posta istemcisindeki benzer bir i\u015flevi de\u011fil, sistem b\u00f6lmesini ifade eder) arac\u0131l\u0131\u011f\u0131yla bunu g\u00f6r\u00fcnt\u00fclemeye ikna edebilir.<\/p>\n<p>Ayn\u0131 zamanda sald\u0131rganlar , <a href=\"https:\/\/en.wikipedia.org\/wiki\/WebDAV\" target=\"_blank\" rel=\"noopener nofollow\">Web\u2019de Da\u011f\u0131t\u0131lm\u0131\u015f Yazma ve S\u00fcr\u00fcm Olu\u015fturma (WebDAV)<\/a> adl\u0131 bir HTTP uzant\u0131s\u0131 arac\u0131l\u0131\u011f\u0131yla bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan yararlanabilir ve bu da kullan\u0131c\u0131lar\u0131n bir belge \u00fczerinde i\u015fbirli\u011fi yapmas\u0131na olanak tan\u0131r.<\/p>\n<p>Microsoft, bu \u00f6zelli\u011fi kullanman\u0131za izin veren WebClient hizmetini devre d\u0131\u015f\u0131 b\u0131rakman\u0131z\u0131 \u00f6neriyor ve bunun en olas\u0131 uzaktan sald\u0131r\u0131 vekt\u00f6r\u00fc oldu\u011funu vurguluyor.<\/p>\n<h2>Hangi sistemlerde g\u00fcvenlik a\u00e7\u0131\u011f\u0131 bulunuyor?<\/h2>\n<p>G\u00fcvenlik a\u00e7\u0131\u011f\u0131, Windows 10, Windows 7, Windows 8.1, Windows Server 2008, Windows Server 2012, Windows Server 2016 ve Windows Server 2019 i\u015fletim sistemlerinin 40 farkl\u0131 s\u00fcr\u00fcm\u00fcnde bulunuyor. Microsoft g\u00fcvenlik \u00f6nerisi belgesi ADV200006, g\u00fcvenlik a\u00e7\u0131\u011f\u0131 bulunan sistemlerin <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/adv200006#ID0EGB\" target=\"_blank\" rel=\"noopener nofollow\">tam listesini i\u00e7erir<\/a>.<\/p>\n<p>Ancak \u015firket, Windows 10\u2019un desteklenen s\u00fcr\u00fcmlerinde yap\u0131lan ba\u015far\u0131l\u0131 bir sald\u0131r\u0131n\u0131n, yaln\u0131zca AppContainer korumal\u0131 alan\u0131 ba\u011flam\u0131nda s\u0131n\u0131rl\u0131 ayr\u0131cal\u0131klara ve kabiliyete sahip k\u00f6t\u00fc ama\u00e7l\u0131 bir kod y\u00fcr\u00fct\u00fclmesine izin verece\u011fini belirtiyor.<\/p>\n<p><em><strong>G\u00fcncelle\u015ftirme: Microsoft\u2019a g\u00f6re, Windows 10 alt\u0131nda bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan yararlan\u0131lmas\u0131 pek ger\u00e7ek\u00e7i bir durum de\u011fildir. Hatta bu sorunun ciddiyetini \u201ckritik\u201d den \u201c\u00f6nemli\u201d ye d\u00fc\u015f\u00fcrd\u00fcler ve bu sistem i\u00e7in herhangi bir ge\u00e7ici \u00e7\u00f6z\u00fcm kullanman\u0131z\u0131 \u00f6nermiyorlar. Ayr\u0131ca, hedefli sald\u0131r\u0131lar\u0131n Windows 7 tabanl\u0131 sistemlerde oldu\u011funu vurgulamaktad\u0131rlar.<\/strong><\/em><\/p>\n<h2>Bir yama var m\u0131?<\/h2>\n<p>14 Nisan\u2019da Microsoft <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-1020\" target=\"_blank\" rel=\"noopener nofollow\">bir g\u00fcncelleme yay\u0131mlayarak<\/a> bu a\u00e7\u0131\u011f\u0131 yamad\u0131.<\/p>\n<h2>Yap\u0131lacaklar<\/h2>\n<p>E-postan\u0131z\u0131 koruma alt\u0131na almak i\u00e7in g\u00fcvenilir bir g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc kullanman\u0131z\u0131 (\u00e7\u00fcnk\u00fc bu, k\u00f6t\u00fc ama\u00e7l\u0131 belgeleri iletmek i\u00e7in en yayg\u0131n y\u00f6ntemdir) ve ayr\u0131ca k\u00f6t\u00fc ama\u00e7l\u0131 yararlanmalar da dahil olmak \u00fczere k\u00f6t\u00fc ama\u00e7l\u0131 etkinlikleri durdurabilecek koruyucu bir u\u00e7 nokta \u00e7\u00f6z\u00fcm\u00fcne sahip olman\u0131z\u0131 \u00f6neriyoruz. Her iki g\u00f6rev de <a href=\"http:\/\/kas.pr\/kdkesbtr\" target=\"_blank\" rel=\"noopener\">Kaspersky Endpoint Security for Business advanced<\/a> taraf\u0131ndan ger\u00e7ekle\u015ftirilebilir. Nereden geldi\u011finden emin olmad\u0131\u011f\u0131n\u0131z belgeleri ve e-posta eklerini a\u00e7mamaktan daha iyi bir y\u00f6ntem s\u00f6ylemeye gerek duymuyoruz.<\/p>\n<p>Hen\u00fcz bir yama bulunmamas\u0131 nedeniyle, Microsoft \u015fu ge\u00e7ici \u00e7\u00f6z\u00fcmleri kullanman\u0131z\u0131 \u00f6neriyor.<\/p>\n<ol>\n<li>\u00d6nizleme ve ayr\u0131nt\u0131 b\u00f6lmelerini kapat\u0131n.<\/li>\n<li>Webclient hizmetini kapat\u0131n (WebDAV\u2019yi devre d\u0131\u015f\u0131 b\u0131rak\u0131r).<\/li>\n<li>ATMFD.DLL kitapl\u0131\u011f\u0131n\u0131 devre d\u0131\u015f\u0131 b\u0131rak\u0131n<\/li>\n<\/ol>\n<p>Bu \u00fc\u00e7 i\u015flemin nas\u0131l yap\u0131laca\u011f\u0131na ili\u015fkin ayr\u0131nt\u0131l\u0131 talimatlar\u0131 <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/adv200006\" target=\"_blank\" rel=\"noopener nofollow\">Microsoft\u2019un g\u00fcvenlik \u00f6nerisinde<\/a> bulabilirsiniz. Webclient hizmetinin devre d\u0131\u015f\u0131 b\u0131rak\u0131lmas\u0131yla, WebDAV taleplerinin i\u015flenmemesi ve WebDAV\u2019a dayal\u0131 uygulamalar\u0131n d\u00fczg\u00fcn \u00e7al\u0131\u015fmamas\u0131na neden olaca\u011f\u0131n\u0131 g\u00f6z \u00f6n\u00fcnde bulundurmak gereklidir. Ayn\u0131 durum ATMFD.DLL\u2019nin devre d\u0131\u015f\u0131 b\u0131rak\u0131lmas\u0131nda da ge\u00e7erlidir; bunu kullanan uygulamalar da d\u00fczg\u00fcn \u015fekilde \u00e7al\u0131\u015fmayacakt\u0131r.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-b2b\">\n","protected":false},"excerpt":{"rendered":"<p>Microsoft, Adobe Type Manager Kitapl\u0131\u011f\u0131&#8217;nda bulunan ve halihaz\u0131rda siber su\u00e7lular\u0131n kulland\u0131\u011f\u0131 g\u00fcvenlik a\u00e7\u0131klar\u0131 hakk\u0131nda bir g\u00fcvenlik \u00f6nerisi yay\u0131mlad\u0131.<\/p>\n","protected":false},"author":700,"featured_media":8006,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1287,1194,1351],"tags":[2158,389,790,38,2159,2157,113],"class_list":{"0":"post-8005","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-news","9":"category-business","10":"category-threats","11":"tag-0-gun","12":"tag-adobe","13":"tag-guvenlik-aciklari","14":"tag-microsoft","15":"tag-rce","16":"tag-sifir-gun","17":"tag-windows"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/windows-adobe-type-manager-vulnerability\/8005\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/windows-adobe-type-manager-vulnerability\/19665\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/windows-adobe-type-manager-vulnerability\/16191\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/windows-adobe-type-manager-vulnerability\/7961\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/windows-adobe-type-manager-vulnerability\/21223\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/windows-adobe-type-manager-vulnerability\/19492\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/windows-adobe-type-manager-vulnerability\/17959\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/windows-adobe-type-manager-vulnerability\/22207\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/windows-adobe-type-manager-vulnerability\/20981\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/windows-adobe-type-manager-vulnerability\/27771\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/windows-adobe-type-manager-vulnerability\/34395\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/windows-adobe-type-manager-vulnerability\/14512\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/windows-adobe-type-manager-vulnerability\/14580\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/windows-adobe-type-manager-vulnerability\/13219\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/windows-adobe-type-manager-vulnerability\/23394\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/windows-adobe-type-manager-vulnerability\/11256\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/windows-adobe-type-manager-vulnerability\/27938\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/windows-adobe-type-manager-vulnerability\/25162\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/windows-adobe-type-manager-vulnerability\/21928\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/windows-adobe-type-manager-vulnerability\/27102\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/windows-adobe-type-manager-vulnerability\/26940\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/windows\/","name":"windows"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8005","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/700"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=8005"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8005\/revisions"}],"predecessor-version":[{"id":8096,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8005\/revisions\/8096"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/8006"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=8005"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=8005"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=8005"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}