{"id":11517,"date":"2019-03-19T09:40:58","date_gmt":"2019-03-19T09:40:58","guid":{"rendered":"https:\/\/www.kaspersky.fr\/blog\/?p=11517"},"modified":"2019-11-22T08:53:27","modified_gmt":"2019-11-22T08:53:27","slug":"cve-2019-0797-vulnerability-detected","status":"publish","type":"post","link":"https:\/\/www.kaspersky.fr\/blog\/cve-2019-0797-vulnerability-detected\/11517\/","title":{"rendered":"CVE-2019-0797: yet another zero-day exploit"},"content":{"rendered":"<p>At the risk of repeating ourselves, the current situation obliges us to report that, three months after <a href=\"https:\/\/www.kaspersky.fr\/blog\/cve-2018-8589-vulnerability-detected\/11177\/\" target=\"_blank\" rel=\"noopener\">detecting the last zero-day vulnerability<\/a>, our proactive technologies have discovered another Windows exploit. This time the vulnerability affects several versions of the operating system: the 64-bit versions of Windows 8 and 10, up to version 15063, are at risk. We notified Windows, and the patch was included in the system update released on March 12.<\/p>\n<p>It is nonetheless strange to see that, despite the continuous release of updates for current versions, many users are in no hurry to install them for fear of disrupting the operation of their computers. Waiting to see what happens is, however, not recommended.<\/p>\n<h1>What is CVE-2019-0797?<\/h1>\n<p>Nothing less than the fourth privilege-escalation exploit that our systems have recently detected. 
As with the <a href=\"https:\/\/www.kaspersky.fr\/blog\/cve-2018-8589-vulnerability-detected\/11177\/\" target=\"_blank\" rel=\"noopener\">CVE-2018-8589<\/a> exploit, it is a race condition error in the win32k.sys driver; see <a href=\"https:\/\/securelist.com\/cve-2019-0797-zero-day-vulnerability\/89885\/\" target=\"_blank\" rel=\"noopener\">Securelist<\/a> for the full technical details. We know that several targeted attacks have used this exploit. It can potentially allow intruders to take control of a vulnerable system.<\/p>\n<h1>How to avoid problems<\/h1>\n<p>Our advice does not change:<\/p>\n<ul>\n<li>Install the relevant system updates available on the <a href=\"https:\/\/portal.msrc.microsoft.com\/fr-fr\/security-guidance\/advisory\/CVE-2019-0797\" target=\"_blank\" rel=\"noopener nofollow\">Microsoft website<\/a>;<\/li>\n<li>Always keep your software (especially the operating system) updated to the latest version and, if possible, replace it when the warranty ends.<\/li>\n<li>Use security solutions equipped with behavioral analysis technologies.<\/li>\n<\/ul>\n<p>The technologies used to detect this exploit (Advanced Sandboxing System, Targeted Attack Protection, Behavioral Detection, Automatic Exploit Prevention) are available in our solution Kaspersky Security for Business.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb\">\n","protected":false},"excerpt":{"rendered":"<p>Our proactive technologies have once again detected a Windows exploit used to carry out 
APT attacks.<\/p>\n","protected":false},"author":2506,"featured_media":11518,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2112,3150],"tags":[3171,2185,3432,322,23],"class_list":{"0":"post-11517","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"tag-cve","10":"tag-exploit","11":"tag-point-de-terminaison","12":"tag-vulnerabilites","13":"tag-windows"},"hreflang":[{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/cve-2019-0797-vulnerability-detected\/11517\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/cve-2019-0797-vulnerability-detected\/15409\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/cve-2019-0797-vulnerability-detected\/12976\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/cve-2019-0797-vulnerability-detected\/17351\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/cve-2019-0797-vulnerability-detected\/15504\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/cve-2019-0797-vulnerability-detected\/14187\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/cve-2019-0797-vulnerability-detected\/18032\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/cve-2019-0797-vulnerability-detected\/17034\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/cve-2019-0797-vulnerability-detected\/22399\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/cve-2019-0797-vulnerability-detected\/5779\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/cve-2019-0797-vulnerability-detected\/25976\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/cve-2019-0797-vulnerability-detected\/10476\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/cve-2019-0797-vulnerability-detected\/18744\/"},{"hreflang":"ja","ur
l":"https:\/\/blog.kaspersky.co.jp\/cve-2019-0797-vulnerability-detected\/22790\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/cve-2019-0797-vulnerability-detected\/18091\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/cve-2019-0797-vulnerability-detected\/22282\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/cve-2019-0797-vulnerability-detected\/22218\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.fr\/blog\/tag\/vulnerabilites\/","name":"Vuln\u00e9rabilit\u00e9s"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/11517","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/users\/2506"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/comments?post=11517"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/11517\/revisions"}],"predecessor-version":[{"id":12705,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/11517\/revisions\/12705"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/media\/11518"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/media?parent=11517"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/categories?post=11517"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/tags?post=11517"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}