{"id":11036,"date":"2018-10-11T12:19:38","date_gmt":"2018-10-11T12:19:38","guid":{"rendered":"https:\/\/www.kaspersky.fr\/blog\/?p=11036"},"modified":"2018-10-11T12:19:38","modified_gmt":"2018-10-11T12:19:38","slug":"vulnerability-in-windows-patched","status":"publish","type":"post","link":"https:\/\/www.kaspersky.fr\/blog\/vulnerability-in-windows-patched\/11036\/","title":{"rendered":"Nos technologies ont captur\u00e9 la vuln\u00e9rabilit\u00e9 zero-day de Windows"},"content":{"rendered":"<p>Notre technologie de Protection Automatique contre les Exploits a r\u00e9cemment d\u00e9tect\u00e9 un nouveau genre de cyberattaque, qui a essay\u00e9 d\u2019utiliser un exploit jusqu\u2019alors inconnu, en se servant de la vuln\u00e9rabilit\u00e9 encore non d\u00e9couverte de ce syst\u00e8me d\u2019exploitation.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-11038\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/93\/2018\/10\/11121447\/vulnerability-in-windows-patched.jpg\" alt=\"\" width=\"1460\" height=\"960\"><\/p>\n<p>En analysant de plus pr\u00e8s ce cas, nos experts ont d\u00e9couvert que cette vuln\u00e9rabilit\u00e9 se trouvait dans win32k.sys, un fichier du pilote Win32. Ils ont imm\u00e9diatement averti Microsoft pour que les sp\u00e9cialistes puissent rapidement corriger ce probl\u00e8me de s\u00e9curit\u00e9. Ils ont r\u00e9v\u00e9l\u00e9 l\u2019existence de cette vuln\u00e9rabilit\u00e9 le 9 octobre, et ont publi\u00e9 la mise \u00e0 jour correspondante, pour, entre autres, corriger la vuln\u00e9rabilit\u00e9 CVE-2018-8453.<\/p>\n<h2>Quels \u00e9taient les risques ?<\/h2>\n<p>Le malware exploitait cette vuln\u00e9rabilit\u00e9 pour obtenir assez de privil\u00e8ges, et ainsi persister dans l\u2019ordinateur de la victime. En effet, cette vuln\u00e9rabilit\u00e9 \u00e9tait potentiellement tr\u00e8s dangereuse, puisqu\u2019elle pouvait permettre aux pirates informatiques de contr\u00f4ler votre ordinateur. Comme nos experts l\u2019ont expliqu\u00e9, l\u2019objectif de ce malware \u00e9tait d\u2019atteindre autant de versions MS Windows que possible, y compris MS Windows 10 RS4.<\/p>\n<p>Nos solutions ont d\u00e9tect\u00e9 plusieurs attaques qui ont utilis\u00e9 cette vuln\u00e9rabilit\u00e9. La plupart des victimes se trouvait dans la r\u00e9gion du Moyen-Orient. Nos experts sont certains qu\u2019il s\u2019agissait d\u2019une attaque particuli\u00e8rement cibl\u00e9e. Cependant, le nombre de cas pourrait augmenter maintenant que l\u2019information a \u00e9t\u00e9 r\u00e9v\u00e9l\u00e9e.<\/p>\n<p>Vous pouvez obtenir plus de d\u00e9tails techniques sur cette attaque en lisant cet <a href=\"https:\/\/securelist.com\/cve-2018-8453-used-in-targeted-attacks\/88151\/\" target=\"_blank\" rel=\"noopener\">article publi\u00e9 sur Securelist<\/a>.<\/p>\n<h2>Comment vous prot\u00e9ger<\/h2>\n<ul>\n<li>Installez imm\u00e9diatement le correctif de Windows que <a href=\"https:\/\/portal.msrc.microsoft.com\/fr-fr\/eula\" target=\"_blank\" rel=\"noopener nofollow\">vous pouvez trouver ici<\/a>.<\/li>\n<li>Mettez r\u00e9guli\u00e8rement \u00e0 jour le programme utilis\u00e9 par votre entreprise afin d\u2019avoir la derni\u00e8re version.<\/li>\n<li>Utilisez les produits de s\u00e9curit\u00e9 qui ont la capacit\u00e9 d\u2019\u00e9valuer les vuln\u00e9rabilit\u00e9s, et de g\u00e9rer les corrections pour que ces processus de mises \u00e0 jour soient automatiques.<\/li>\n<li>Utilisez une solution de s\u00e9curit\u00e9 fiable qui puisse d\u00e9tecter les fichiers malveillants selon leur comportement, afin de vous prot\u00e9ger efficacement des menaces inconnues, y compris des exploits zero-day.<\/li>\n<\/ul>\n<p>Plusieurs de nos technologies d\u00e9tectent l\u2019exploit de cette vuln\u00e9rabilit\u00e9 zero-day. La premi\u00e8re est un logiciel de sandboxing avanc\u00e9 et un anti-malware pour Kaspersky Anti Targeted Attack Platform, une solution sp\u00e9cialement con\u00e7ue pour vous prot\u00e9ger des menaces APT. L\u2019autre technologie est la Protection Automatique contre les Exploits, et il s\u2019agit d\u2019un sous-syst\u00e8me qui fait partie int\u00e9grante de notre solution Kaspersky Endpoint Security for Business.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb\">\n","protected":false},"excerpt":{"rendered":"<p>La vuln\u00e9rabilit\u00e9 CVE-2018-8453 de Microsoft Windows, utilis\u00e9e lors de plusieurs attaques cet \u00e9t\u00e9, a \u00e9t\u00e9 d\u00e9tect\u00e9e de fa\u00e7on proactive.<\/p>\n","protected":false},"author":40,"featured_media":11037,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2112,3150],"tags":[3171,2185,60,23],"class_list":{"0":"post-11036","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"tag-cve","10":"tag-exploit","11":"tag-vulnerabilite","12":"tag-windows"},"hreflang":[{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/vulnerability-in-windows-patched\/11036\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/vulnerability-in-windows-patched\/14426\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/vulnerability-in-windows-patched\/12069\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/vulnerability-in-windows-patched\/16363\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/vulnerability-in-windows-patched\/14555\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/vulnerability-in-windows-patched\/13518\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/vulnerability-in-windows-patched\/17123\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/vulnerability-in-windows-patched\/16422\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/vulnerability-in-windows-patched\/21510\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/vulnerability-in-windows-patched\/5307\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/vulnerability-in-windows-patched\/24169\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/vulnerability-in-windows-patched\/10915\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/vulnerability-in-windows-patched\/9851\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/vulnerability-in-windows-patched\/17886\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/vulnerability-in-windows-patched\/21772\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/vulnerability-in-windows-patched\/17499\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/vulnerability-in-windows-patched\/21306\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/vulnerability-in-windows-patched\/21313\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.fr\/blog\/tag\/vulnerabilite\/","name":"vuln\u00e9rabilit\u00e9"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/11036","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/comments?post=11036"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/11036\/revisions"}],"predecessor-version":[{"id":11041,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/11036\/revisions\/11041"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/media\/11037"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/media?parent=11036"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/categories?post=11036"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/tags?post=11036"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}