- Danger level: high risk
- Danger performance: Without the authorization of the user, malicious files are implanted and the computer is 'fully controlled'
- Scope of influence: most Windows operating systems
- Official introduction: CVE-2019-0708 CVE-2019-1181 CVE-2019-1182
- Vulnerability information: commonly known as the 3389 service has serious security vulnerabilities. This vulnerability uses pre-authentication without user authorization. An attacker who successfully exploits this vulnerability can perform malicious attacks on the victim host, including installing a backdoor, viewing and tampering with private data, and creating a new account with full user rights.
-
Powerful Smart Repair
One-click to complete the system high-risk vulnerability repair and automatically complete the installation of the repair patch
-
Immunity to all vulnerabilities
Integrate all high-risk vulnerability repair functions and One tool can fix all vulnerabilities
-
Security experts escorted
Security experts provide technical support
-
Big data real-time detection
Relying on 360 billion-level big data to discover and release solutions for the first time
-
Remote Desktop Vulnerability
2019/5/14
-
ASUS update vulnerability
2019/3/26
- Danger level: serious
- Danger performance: Provide a software update with a backdoor, allowing the attacker to access the infected computer
- Scope of influence: ASUS computer users with Live Update Utility software
- Official introduction: FAQ ASUS Live Update
- Vulnerability information: Most ASUS computers are pre-installed with Live Update Utility to ensure that the drivers, apps, and BIOS in the computer system can be updated in time after they expire. The Operation ShadowHammer attack is aimed at this software, using the software loopholes to push software updates with backdoors to users to achieve the purpose of illegally accessing and manipulating users' computers.
-
Ransomware vulnerability
2017/3/14
- Danger level: serious
- Danger performance: Infected with Cote ransomware virus, file damage.
- Scope of influence: Windows7, Windows Server 2008 R2, Windows8.1, Windows Server 2012, Windows10, Windows Server 2016
- Official introduction: MS17-010
- Vulnerability information: Multiple Windows SMB remote code execution vulnerabilities. When the Microsoft Server Message Block 1.0 (SMBv1) server processes certain requests, there are multiple remote code execution vulnerabilities. An attacker who successfully exploited these vulnerabilities could gain the ability to execute code on the target system. In order to exploit this vulnerability, in most cases, an unauthenticated attacker may send specially designed packets to the target SMBv1 server.
-
Meltdown Vulnerability
2018/1/3
- Danger level: serious
- Danger performance: CPU memory data leakage, device hijacking and privacy leakage.
- Scope of influence: Almost all Intel CPUs after 1995, except for Itanium and Atom in 2013, and a few ARM core CPUs including Cotex-A75.
- Vulnerability information: Exploiting the Meltdown vulnerability, low-privileged users can access the contents of the kernel and obtain the underlying information of the local operating system.
-
Ghost Vulnerability
2018/1/3
- Danger level: serious
- Danger performance: CPU memory data leakage, device hijacking and privacy leakage.
- Scope of influence: About ten kinds of ARM core CPUs including Cotex-A48 and Cotex-A9, which affect almost all Apple devices.
- Vulnerability information: When a user visits a website containing Spectre malicious exploits through a browser, the user's personal privacy information such as account, password, and email may be leaked; in the cloud service scenario, using Spectre can break through the isolation between users , To steal data of other users.
-
Rift Vulnerability
2018/3/27
- Danger level: high risk
- Danger performance: CPU memory data leakage, device hijacking and privacy leakage.
- Scope of influence: Windows 7x64 and Windows Server 2008 R2
- Official introduction: MS17-010
- Vulnerability information: Microsoft's Windows 7x64 and Windows Server 2008 R2 security patches in January and February 2018 were found to have serious vulnerabilities (TotalMeltdown). In the patch, PML4 permissions were incorrectly set to the user level, resulting in any user-mode process that can be targeted The system kernel performs arbitrary read and write.
-
WinRAR vulnerability
2019/2/21
- Danger level: serious
- Danger performance: bypassing system permissions, implanting malicious files, and the computer is 'fully controlled'
- Scope of influence: Computers with WinRAR installed, covering all systems
- Vulnerability information: A serious security vulnerability has been found in the UNACEV2.dll code base of WinRAR. Hackers can use this vulnerability to bypass the permission prompt and run WinRAR directly, and put malicious files into the startup folder of the Windows system. As long as the user reboots the malicious files, By running automatically, hackers can 'completely control' the victim's computer, and more than 500 million users worldwide have been affected.
-
Double kill vulnerability
2018/4/18
- Danger level: high risk
- Danger performance: Use 0day vulnerability to carry out APT attacks on IE kernel browser and office.
- Scope of influence: the latest version of IE browser and applications that use IE core
- Official introduction: CVE-2018-8174
- Vulnerability information: The 0day vulnerability uses multiple UAFs to complete type confusion, completes arbitrary address reading and writing by forging an array object, and finally obtains code execution by constructing the object and releasing it. Code execution does not use traditional ROP or GodMod, but uses script layout Shellcode for stable use.
