【Vista之家译】IE7和IE8的保护模式可以阻止部分攻击

Vista之家（www.vista123.com）：【Vista之家译】IE7和IE8的保护模式可以阻止部分攻击

 本月17日，微软发布了200多个涉及所有IE版本的紧急补丁，也就是MS08-078补丁包，用来修复系统漏洞，这一漏洞从本月9日其就已经被黑客用于攻击。而绝大部分的系统都无法阻止此种攻击。


“在Windows的很多版本中，都内建了一些保护措施，但由于源代码的作用，只有少数几个可以有效阻止此次攻击。”

但是，在Windows Vista, Windows 7 pre-Beta, Windows Server 2003和Windows Server 2008上的IE7和IE8依然可以多一层保护，那就是保护模式。

在Vista和Windows Server 2008中，保护模式是用来抵御攻击的主要手段。当漏洞代码运行时，漏洞只能在低权限下运行，因为IE就运行在低权限下。也就是说，黑客无法利用漏洞向操作系统里写入文件。在服务器平台，Windows Server 2003和Windows Server 2008中，IE安全提升设置可以通过禁用攻击代码的方式阻止攻击。

附部分原文：

On December 17, 2008, Microsoft released in excess of 300 distinct updates for all supported versions of Internet Explorer, packaged as MS08-078, in its rush to patch a critical vulnerability in the systems, which was under attack at least as early as December 9. Not only was the security flaw actively exploited in the wild (allowing for remore code execution), but the majority of mitigations built into the Windows operating system were useless to stop attacks, according to Michael Howard, senior security program manager in the Security Engineering group at Microsoft.

“There is a plethora of defenses available on various versions of Windows, but only a couple came into play owing to the nature of the code,” Howard stated, enumerating the mitigations that failed to make a difference, including the protections built against stack-based buffer overruns, ASLR and NX and Heap Termination on Corruption.

However, users running Internet Explorer 7 and the Beta versions of Internet Explorer 8 on Windows Vista, Windows 7 pre-Beta, Windows Server 2003, and Windows Server 2008 still benefited from an additional layer of protection, namely Protected Mode.
...

Vista之家（www.vista123.com），爱上网，爱上Vista123.com