2011年4月份十大重要安全漏洞分析 |
| |
作者单位: | 中国科学院研究生院国家计算机网络入侵防范中心,北京,100049 |
| |
摘 要: | 2011年03月21日至4月20日,国家计算机网络入侵防范中心发布漏洞总条目为360条,漏洞总数比上月增加了5.26。其中威胁级别为"紧急"的有51条,"高"的有60条,"中"的有205条,"低"的有44条。威胁级别为"紧急"和"高"的漏洞占到总量的30.83,从漏洞利用方式来看,远程攻击的有274条,本地攻击的有86条,局域网攻击的有0条。可见,能够从远程进行攻击的漏洞占绝大多数,这使得攻击者利用相应漏洞发动攻击更为容易。4月微软发布17个安全公告,其中9个为严重等级,8个为重要等级,共修复Microsoft Windows、Microsoft Office、Internet Explorer、Visual Studio、.Net Framework和GDI+(图形设备接口)中的64个漏洞。此外,Adobe也发布通告公布了Adobe Flash Player、Adobe Reader和Acrobat中发现的一个零日远程代码漏洞,该漏洞已被利用进行攻击。建议广大用户及时安装补丁,增强系统安全性,做好安全防范工作,保证信息系统安全。
|
关 键 词: | 微软 internet explorer Adobe Flash Player 零日漏洞 |
Ten Critical Vulnerabilities Analysis Report April 2011 |
| |
Authors: | Natiohal Computer Networks Intrusion Protection Center |
| |
Affiliation: | (National Computer Networks Intrusion Protection Center,Beijing 100049,China) |
| |
Abstract: | From March 21,2011 to April 20,2011,the National Computer Networks Intrusion Protection Center(aka NCNIPC) published 360 vulnerabilities,which increased by 5.26%.Among all these vulnerabilities,51 ones were Critical,60 were Important,205 were Middle,and 44 were Low.The vulnerabilities at Level Critical and Important accounted for 30.83% of the total.From the access vectors' perspective,274 were network exploitable,86 were locally exploitable and 0 was Local network exploitable.The vast majority could be exp... |
| |
Keywords: | Microsoft internet explorer Adobe Flash Player 0day Vulnerability |
本文献已被 CNKI 维普 万方数据 等数据库收录! |
|