資安事件

微軟 SharePoint 漏洞遭大規模攻擊





根據美國電信業者 AT&T 的資安研究室指出,有大規模的網路攻擊事件,利用微軟 SharePoint 的漏洞 CVE-2019-0604 進行攻擊。在微軟關於本漏洞的資安報告中指出,駭客可利用這個漏洞執行任意程式碼並上傳、下載檔案。

受影響的版本

  • Microsoft SharePoint Enterprise Server 2016
  • Microsoft SharePoint Foundation 2013 SP1
  • Microsoft SharePoint Server 2010 SP2
  • Microsoft SharePoint Server 2019

微軟已於 2019 年三月提供相關漏洞修補,但許多用戶系統仍未升級。

建議

  • 所有微軟 SharePoint 伺服器應儘速升級到 2019年 3月 12日的最新漏洞修補
  • 針對 on-premises 解決方案的用戶,請確保伺服器不直接對外暴露於 Internet。

總結

在佈建企業內部的網路服務時,若因應員工需求,必須開放允許透過 Internet 存取時,最好搭配能過濾非法流量的資安產品。I.X 針對身份認證與存取企業網路應用服務,提供完整的解決方案,能針對應用及存取權限,即時過濾非法存取,同時可避免非法流量直接透過程式碼的漏洞,入侵內部重要系統。有助於您保護公司重要的數位資產。

想瞭解最適合貴公司的資安解決方案?我們提供免費諮詢服務!

在〈微軟 SharePoint 漏洞遭大規模攻擊〉中有 350 則留言

  1. 自動引用通知: vagragenericaar.org
  2. After looking at a handful of the articles on your web site, I truly appreciate your technique of writing a blog. I added it to my bookmark website list and will be checking back in the near future. Take a look at my website as well and let me know what you think.|

  3. 自動引用通知: doctor7online.com
  4. 自動引用通知: cipro cost
  5. 自動引用通知: generic viagra available
  6. 自動引用通知: buy naltrexone
  7. I like the valuable info you provide in your articles.
    I will bookmark your blog and check again here regularly.
    I’m quite sure I’ll learn many new stuff right here! Good luck for the next!

  8. 自動引用通知: tylenol online sales
  9. 自動引用通知: chloroquine prescription
  10. Great post. I was checking continuously this blog and I’m inspired!
    Very helpful info particularly the last phase 🙂 I care for such information much.
    I used to be seeking this certain information for a long time.
    Thank you and best of luck.

  11. Good site! I truly love how it is simple on my eyes and the data are well written. I’m wondering
    how I could be notified whenever a new post has been made.
    I have subscribed to your RSS which must do the trick!
    Have a great day!

  12. This is very attention-grabbing, You’re a very skilled blogger.
    I’ve joined your rss feed and look ahead to in the hunt for more of your great post.
    Additionally, I have shared your website in my social networks!

    Also visit my web blog … cpc certification (pastebin.com)

  13. Nice post. I used to be checking continuously this blog and I’m inspired!
    Extremely useful info specifically the final section 🙂
    I deal with such info much. I was seeking this particular info for a long time.
    Thanks and best of luck.

    My page: cpc exam (enetget.com)

  14. This is very interesting, You are an excessively professional blogger.
    I’ve joined your rss feed and stay up prepare for cpc
    exam, issuu.com, seeking
    extra of your great post. Additionally, I have shared your website in my social networks!

  15. Admiring the dedication you put into your site and detailed information you offer.
    It’s good to come across a blog every once in a while that
    isn’t the same old rehashed material. Excellent read!
    I’ve bookmarked your site and I’m adding your RSS feeds to my Google
    account.

    Look at my blog; bar exam – http://www.instapaper.com

  16. I think that everything published made a great deal of sense.
    However, what about this? suppose you added a little information?
    I am not saying your information is not good,
    however what if you added something to possibly get folk’s
    attention? I mean 微軟 SharePoint 漏洞遭大規模攻擊 | I.X Trio is
    kinda boring. You should peek at Yahoo’s front page and
    note how they create article headlines to get viewers to click.
    You might try adding a video or a picture or two to grab people excited about
    everything’ve written. Just my opinion, it
    could make your website a little bit more interesting.

    Feel free to visit my web blog – software; https://1borsa.com/2f1rb,

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *

這個網站採用 Akismet 服務減少垃圾留言。進一步瞭解 Akismet 如何處理網站訪客的留言資料