´÷¶ûSupportAssist DLLЮÖÆÎó²î

Ðû²¼Ê±¼ä 2019-06-22

Åä¾°ÐÎò


6ÔÂ21ÈÕ´÷¶ûÐû²¼Ç徲ת´ï£¬£¬£¬£¬±Þ²ßÓû§¸üд÷¶ûµçÄÔÉÏԤװÖõÄSupportAssistÈí¼þ£¬£¬£¬£¬ÒÔÐÞ¸´DLLЮÖÆÎó²î£¨CVE-2019-12280£©¡£¡£¡£¡£¡£¡£¸ÃÎó²î¿É±»¾ßÓÐͨÀýÓû§È¨Ï޵Ĺ¥»÷ÕßʹÓ㬣¬£¬£¬Í¨¹ý¶ñÒâDLLÎļþ¾ÙÐÐÌáȨºÍ»ñµÃ³¤ÆÚÐÔ¡£¡£¡£¡£¡£¡£

Îó²îÁбí


CVE ID  £º   CVE-2019-12280
´÷¶ûDSA±àºÅ£º   DSA-2019-084
Îó²îÆ·¼¶£º   ¸ßΣ
CVSSÆÀ·Ö£º   ÔÝÎÞ
Ó°Ïì¹æÄ££º   Dell SupportAssist for Business PCs°æ±¾2.0 £»£»£»£»Dell SupportAssist for Home PCs 3.2.1¼°Ö®Ç°µÄËùÓа汾

Îó²îÏêÇé


SupportAssistÊÇ´÷¶ûµçÄÔÉÏԤװÖõÄÒ»¸öÈí¼þ£¬£¬£¬£¬ÓÃÓÚ¼ì²éϵͳӲ¼þºÍÈí¼þµÄÔËÐÐ״̬£¬£¬£¬£¬¸ÃÈí¼þÒÔSYSTEMȨÏÞÔËÐС£¡£¡£¡£¡£¡£SafeBreach LabsÑо¿Ö°Ô±·¢Ã÷¸ÃÈí¼þ±£´æDLLЮÖÆÎó²î£¨CVE-2019-12280£©£¬£¬£¬£¬ÔÊÐíÔ¶³Ì¹¥»÷Õß½«í§ÒâδÊðÃûµÄDLL¼ÓÔص½ÒÔSYSTEMȨÏÞÔËÐеÄЧÀÍÖУ¬£¬£¬£¬´Ó¶øʵÏÖȨÏÞÌáÉýºÍ³¤ÆÚÐÔ - °üÀ¨¶ÔÎïÀíÄڴ桢ϵͳÖÎÀíBIOSµÈµ×²ã×é¼þµÄ¶Á/д»á¼û¡£¡£¡£¡£¡£¡£¸ÃÎó²îʹ¹¥»÷ÕßÄܹ»Í¨¹ýÒÑÊðÃûµÄЧÀͼÓÔغÍÖ´ÐжñÒâpayload£¬£¬£¬£¬¹¥»÷Õ߿ɽ«´ËÄÜÁ¦ÓÃÓÚÖ´ÐлòÌӱܼì²âµÈ²î±ðÄ¿µÄ£¬£¬£¬£¬ÀýÈ磺ӦÓóÌÐò°×Ãûµ¥Èƹý¡¢ÊðÃûÑéÖ¤Èƹý¡£¡£¡£¡£¡£¡£


ƾ֤SafeBreachµÄ±¨¸æ£¬£¬£¬£¬¸ÃÎó²îµÄ»ù´¡Ôµ¹ÊÔ­ÓÉÊÇ£º


1¡¢È±·¦Çå¾²µÄDLL¼ÓÔØ¡£¡£¡£¡£¡£¡£´úÂëÖÐʹÓÃLoadLibraryWÒªÁ죬£¬£¬£¬¶ø²»ÊÇLoadLibraryExW £»£»£»£»ÕâÔÊÐíδ¾­ÊÚȨµÄÓû§Í¨¹ýijЩ±ê¼ÇÀ´½ç˵ËÑË÷˳Ðò£¬£¬£¬£¬ÀýÈçLOAD_LIBRARY_SEARCH_DLL_LOAD_DIR¡£¡£¡£¡£¡£¡£·´¹ýÀ´£¬£¬£¬£¬¸Ã±ê¼ÇÓÖÏÞÖÆÖ»ÔÚ×Ô¼ºµÄÎļþ¼ÐÖÐËÑË÷DLL£¬£¬£¬£¬×èÖ¹ÁËÔÚPATH±äÁ¿ÖÐËÑË÷DLLµÄÇéÐΡ£¡£¡£¡£¡£¡£


2¡¢Ã»ÓжԶþ½øÖÆÎļþ¾ÙÐÐÊðÃûÑéÖ¤¡£¡£¡£¡£¡£¡£¸Ã³ÌÐòûÓÐÑéÖ¤Ëü½«¼ÓÔصÄDLLÊÇ·ñÒÑÊðÃû£¬£¬£¬£¬Òò´ËËü½«¼ÓÔØí§ÒâδÊðÃûµÄDLL¡£¡£¡£¡£¡£¡£


ÓÉÓÚ´÷¶ûSupportAssistʹÓõÄ×é¼þÊÇÓɵÚÈý·½PC-Doctor¿ª·¢ºÍά»¤µÄ£¬£¬£¬£¬Òò´Ë¸ÃÎó²îÒ²Ó°Ïìµ½ÒÀÀµPC-DoctorµÄÆäËüPCÖÆÔìÉÌ¡£¡£¡£¡£¡£¡£SafeBreach LabsÈ·ÈÏÊÜÓ°ÏìµÄ×é¼þÊÇPC-Doctor Toolbox for Windows£¬£¬£¬£¬¸Ã×é¼þ±»ÒÔϹ¤¾ßËùʹÓãº


CORSAIR ONE Diagnostics
CORSAIR Diagnostics
Staples EasyTech Diagnostics
Tobii I-Series Diagnostic Tool
Tobii Dynavox Diagnostic Tool

Îó²îʱ¼äÏߣº


4ÔÂ29ÈÕ - ±¨¸æÎó²î
5ÔÂ08ÈÕ - ´÷¶ûÈ·ÈϸÃÎó²î
5ÔÂ21ÈÕ - ´÷¶û½«Îó²î·¢Ë͸øPC-Doctor
5ÔÂ22ÈÕ - »ñµÃ±àºÅCVE-2019-12280£¬£¬£¬£¬assign¸øPC-Doctor
5ÔÂ28ÈÕ - ´÷¶ûÐû²¼SupportAssist¸üУ¬£¬£¬£¬ÐÞ¸´¸ÃÎó²î
6ÔÂ19ÈÕ - Îó²îÅû¶

ÐÞ¸´½¨Òé


½¨Òé´÷¶ûÓû§¸üÐÂÖÁÒÔÏ°汾£º


Dell SupportAssist for Business PCs °æ±¾2.0.1
Dell SupportAssist for Home PCs °æ±¾3.2.2

²Î¿¼Á´½Ó


https://www.dell.com/support/article/cn/zh/cndhs1/sln317291/dsa-2019-084-dell-supportassist-for-business-pcs-and-dell-supportassist-for-home-pcs-security-update-for-pc-doctor-vulnerability?lang=en
https://safebreach.com/Post/OEM-Software-Puts-Multiple-Laptops-At-Risk
https://thehackernews.com/2019/06/dells-supportassist-hacking.html