Paint 3DÆØ³öÔ¶³Ì´úÂëÖ´ÐÐÂ©¶´ Î¢ÈíÒÑ·¢²¹¶¡ÐÞ¸´

ÎÂÄá²®Õ¾ · ·¢±íÓÚ 2021-6-16 20:16:05

Î¢ÈíµÄ Paint 3D Ó¦ÓÃ³ÌÐò×ÔÍÆ³öÒÔÀ´²¢²»ÊÜÏû·ÑÕßµÄ»¶Ó£¬¶øÇÒ ZDI ÑÐ¾¿ÈËÔ±»¹·¢ÏÖÕâ¿î 3D ½¨Ä£Èí¼þ´æÔÚÔ¶³Ì´úÂëÖ´ÐÐÂ©¶´£¬¿ÉÄÜ»á¶ÔÄãµÄÏµÍ³½¡¿µ²úÉú¸ºÃæÓ°Ïì¡£ ¸ÃÂ©¶´ÊÇÍ¨¹ýËÑË÷·¢ÏÖ£¬ÐèÒªÓÃ»§¼ÓÔØÒ»¸ö±»ÆÆ»µµÄÎÄ¼þ¡£ÔÚ±¾ÔÂµÄ²¹¶¡ÐÇÆÚ¶þ»î¶¯ÈÕÖÐÒÑ¾ÐÞ¸´ÁËÕâ¸öÎÊÌâ¡£

¸ÃÂ©¶´±àºÅÎªCVE-2021-31946£¬Ïà¹ØÃèÊöÈçÏÂ

Microsoft Paint 3D GLB File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

¸ÃÂ©¶´ÔÊÐíÔ¶³Ì¹¥»÷ÕßÔÚÊÜÓ°ÏìµÄMicrosoft Paint 3D°²×°ÖÐÖ´ÐÐÈÎÒâ´úÂë¡£ÀûÓÃ¸ÃÂ©¶´ÐèÒªÓÃ»§»¥¶¯£¬Ä¿±ê±ØÐë·ÃÎÊÒ»¸ö¶ñÒâÍøÒ³»ò´ò¿ªÒ»¸ö¶ñÒâÎÄ¼þ¡£

¾ßÌåµÄÈ±ÏÝ´æÔÚÓÚ GLB ÎÄ¼þµÄ½âÎö¹ý³ÌÖÐ¡£¸ÃÎÊÌâÊÇÓÉÓÚÈ±·¦¶ÔÓÃ»§Ìá¹©µÄÊý¾ÝµÄÕýÈ·ÑéÖ¤£¬Õâ¿ÉÄÜµ¼ÖÂ¶ÁÈ¡³¬¹ý·ÖÅäµÄÊý¾Ý½á¹¹µÄÄ©¶Ë¡£¹¥»÷Õß¿ÉÒÔÀûÓÃÕâ¸öÂ©¶´£¬ÔÚµ±Ç°½ø³ÌµÄÉÏÏÂÎÄÖÐÒÔµÍÍêÕûÐÔÖ´ÐÐ´úÂë¡£

Î¢ÈíÒÑ¾·¢²¼ÁË¸ÃÈí¼þµÄ¸üÐÂ£¬ÐÞ¸´ÁËÕâ¸öÎÊÌâ£¬µ«Windows11ÓÃ»§²»±Øµ£ÐÄ£¬ÒòÎª¸ÃÈí¼þÒÑ¾²»ÔÙÔ¤×°ÔÚ¸Ã²Ù×÷ÏµÍ³ÖÐ¡£

		×Ô¶¯µÇÂ¼	ÕÒ»ØÃÜÂë
ÃÜÂë			×¢²áÓÃ»§

[×ÛºÏ×ÊÑ¶] Paint 3DÆØ³öÔ¶³Ì´úÂëÖ´ÐÐÂ©¶´ Î¢ÈíÒÑ·¢²¹¶¡ÐÞ¸´

ä¯ÀÀ¹ýµÄ°æ¿é