铃村爱里bt种子迅雷:MS04-011_LSASS_EXPLOIT是什么病毒

MS04-011_LSASS_EXPLOIT
发现日期: Apr 12, 2004
风险: 重大
描述:

This buffer overrun vulnerability in the Local Security Authority Subsystem Service (LSASS) allows remote code execution. Once successfully exploited, a remote attacker is able to gain full control of the affected system. It may be used by a malware to perform malicious activities, such as accessing and modifying the file system and replication.

LSASS provides an interface for managing local security, domain authentication, and Active Directory processes. It handles authentication for both the client and the server. It also contains features used to support Active Directory utilities.

Microsoft has posted more information about this vulnerability, among others, in their Security Bulletin MS04-011.

补丁信息:

IMPORTANT NOTE:

This detection is not a detection for the vulnerability of your machine. If you got this warning, it is an indication that a malicious piece of code passed through your network or your machine, but was detected by Trend Micro as MS04-011_LSASS_EXPLOIT.

If you have patched your system against the LSASS Vulnerability, then your system should be safe from the damage that may be brought about by this exploit code.

Otherwise, you can look up the patch information for your Windows version on this site. Trend Micro advises users to refrain from using their system until it has been completely patched against this vulnerability.

Trend Micro Solution

Users of Trend Micro PC-cillin Internet Security and Network VirusWall can detect this exploit at the network layer with Network Virus Pattern (NVP) 10180, or later.

Download the latest NVW pattern file from the following site:

http://www.trendmicro.com/download/product.asp?producti d=45

Disabling Network Virus Emergency Center Pop-ups

If you have already patched your system, and want to turn the pop-up messages off, please refer to the following Knowledge Base solutions:

For PC-cillin Internet Security 2005 Users:
Knowledge Base Solution ID 22606

For PC-cillin Internet Security 2004 Users:
Knowledge Base Solution ID 22608

Note: Disabling the network virus pop-up display option means you will not be alerted for ALL network attacks to your system, not just this particular exploit attack.

发现日期: Apr 12,2004
风险: 重大
描述:

这一个缓冲超越误差地方安全当局次要系统服务 (LSASS) 的易受伤允许遥远的密码实行。 一次成功地开发,一个遥远的攻击者能够得到被影响的系统完全的控制。 资讯科技可能被 malware 用运行怀恶意的活动, 如此的当做存取而且修正文件系统和回答。

LSASS 提供一个接口给管理地方安全,领域证明 , 和活跃的目录程序。 资讯科技为客户和伺候器处理证明。 资讯科技也包含特征过去一直支援活跃的目录公用程序。

微软已经寄关于这一个易受伤的较多资讯,尤其是,在他们的安全公告 MS04-011 中.

补丁信息:

重要的笔记:

这一个发现对于你的机器易受伤不是一个发现。 如果你使这警告的,它是指示一个怀恶意密码通过你的网络或你的机器, 但是被如 MS04-011_ LSASS_EXPLOIT 的趋势微发现了。

如果你已经补缀对抗 LSASS 易受伤的你系统,然后你的系统应该是来自可能被这一个功绩密码引起的损害保险箱。

以别的方式，你能为在这一个位置上的你窗口版本查片数据。 趋势微劝告使用者克制不要使用他们的系统，直到它完全地已经被补缀对抗这一个易受伤。

趋势微解决

趋势微的使用者个人计算机- cillin 的英特网安全和网络 VirusWall 以网络病毒式样 (NVP)10180 能在网络层发现这一项功绩, 或稍后。

下载最近的 NVW 式样来自下列的位置文件:

http:// www.trendmicro.com/download/product.asp?producti d=45

使网络病毒紧急失去能力集中跳上

如果你已经补缀你的系统了, 而且想要把跳上信息关掉 ,请提及下列的知识库解决:

对于个人计算机- cillin 的英特网安全 2005个使用者:
知识库解决身份证 22606

对于个人计算机- cillin 的英特网安全 2004个使用者:
知识库解决身份证 22608

注意:使跳上展览选项意谓的网络病毒失去能力，你将不被为对你的系统所有的网络攻击提醒,不只是这项特别的功绩攻击。

是振荡波病毒

好像是震荡波，而且在百度上搜索之后可以看到震荡波补丁下载字样

振荡波病毒 没关系!