{"id":3798,"date":"2024-05-05T19:42:18","date_gmt":"2024-05-05T19:42:18","guid":{"rendered":"https:\/\/chuyendoiso.haiphong.gov.vn\/?p=3798"},"modified":"2025-04-17T08:43:35","modified_gmt":"2025-04-17T08:43:35","slug":"cap-nhat-ban-va-lo-hong-bao-mat-thang-4","status":"publish","type":"post","link":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/2024\/05\/05\/cap-nhat-ban-va-lo-hong-bao-mat-thang-4\/","title":{"rendered":"C\u1eadp nh\u1eadt b\u1ea3n v\u00e1 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt th\u00e1ng 4"},"content":{"rendered":"<p><strong>Trong th\u00e1ng 4\/2024, Microsoft, Adobe v\u00e0 SAP l\u1ea7n l\u01b0\u1ee3t ph\u00e1t h\u00e0nh b\u1ea3n v\u00e1 cho c\u00e1c s\u1ea3n ph\u1ea9m c\u1ee7a m\u00ecnh. Ng\u01b0\u1eddi d\u00f9ng c\u1ea7n kh\u1ea9n tr\u01b0\u01a1ng c\u00e0i \u0111\u1eb7t b\u1ea3n v\u00e1 \u0111\u1ec3 ph\u00f2ng tr\u00e1nh r\u1ee7i ro m\u1ea5t an to\u00e0n th\u00f4ng tin.<\/strong><\/p>\n<p><strong>Microsoft<\/strong><\/p>\n<div class=\"image\"><a title=\"C\u1eadp nh\u1eadt b\u1ea3n v\u00e1 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt th\u00e1ng 4\"><img decoding=\"async\" src=\"https:\/\/tailieu.antoanthongtin.vn\/Files\/files\/site-2\/images\/20240426\/12152.png\" alt=\"C\u1eadp nh\u1eadt b\u1ea3n v\u00e1 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt th\u00e1ng 4\" \/><\/a><\/div>\n<p>&nbsp;<\/p>\n<p>Trung tu\u1ea7n th\u00e1ng 4,\u00a0Microsoft \u0111\u00e3 ph\u00e1t h\u00e0nh b\u1ea3n v\u00e1 \u0111\u1ec3 gi\u1ea3i quy\u1ebft 150 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt\u00a0trong c\u00e1c s\u1ea3n ph\u1ea9m Microsoft Windows v\u00e0 Windows Components; Office v\u00e0 Office Components; Azure; .NET Framework v\u00e0 Visual Studio; SQL Server; DNS Server; Windows Defender; Bitlocker v\u00e0 Windows Secure Boot. \u0110\u00e2y l\u00e0 b\u1ea3n c\u1eadp nh\u1eadt l\u1edbn nh\u1ea5t c\u1ee7a Microsoft trong n\u0103m nay v\u00e0 c\u0169ng l\u00e0 l\u1edbn nh\u1ea5t k\u1ec3 t\u1eeb n\u0103m 2017. Trong \u0111\u00f3, c\u00f3 31 l\u1ed7 h\u1ed5ng n\u00e2ng cao \u0111\u1eb7c quy\u1ec1n, 29 l\u1ed7 h\u1ed5ng b\u1ecf qua t\u00ednh n\u0103ng b\u1ea3o m\u1eadt, 67 l\u1ed7 h\u1ed5ng\u00a0th\u1ef1c thi m\u00e3 t\u1eeb xa, 13 l\u1ed7 h\u1ed5ng ti\u1ebft l\u1ed9 th\u00f4ng tin, 7 l\u1ed7 h\u1ed5ng t\u1eeb ch\u1ed1i d\u1ecbch v\u1ee5, 3 l\u1ed7 h\u1ed5ng gi\u1ea3 m\u1ea1o.<\/p>\n<p>\u0110\u00e1ng ch\u00fa \u00fd l\u1ed7 h\u1ed5ng \u0111\u1ecbnh danh CVE-2024-29988, m\u1eb7c d\u00f9 \u0111\u01b0\u1ee3c x\u1ebfp h\u1ea1ng quan tr\u1ecdng nh\u01b0ng l\u1ea1i \u0111\u01b0\u1ee3c \u0111\u00e1nh \u0111i\u1ec3m CVSS kh\u00e1 cao (8.8 \u0111i\u1ec3m). C\u00e1c nh\u00e0 nghi\u00ean c\u1ee9u c\u00f3 ch\u1ee9ng c\u1ee9 ch\u1ec9 ra r\u1eb1ng l\u1ed7 h\u1ed5ng n\u00e0y \u0111ang t\u1ed3n t\u1ea1i ph\u1ed5 bi\u1ebfn c\u0169ng nh\u01b0 b\u1ecb t\u00edch c\u1ef1c khai th\u00e1c, nh\u01b0ng h\u00e3ng Microsoft v\u1eabn ph\u1ee7 nh\u1eadn \u0111i\u1ec1u n\u00e0y. L\u1ed7 h\u1ed5ng CVE-2024-29988 n\u1ebfu \u0111\u01b0\u1ee3c khai th\u00e1c th\u00e0nh c\u00f4ng s\u1ebd cho ph\u00e9p tin t\u1eb7c b\u1ecf qua t\u00ednh n\u0103ng Mark of the Webs (MotW) v\u00e0 th\u1ef1c hi\u1ec7n c\u00e1c m\u00e3 \u0111\u1ed9c h\u1ea1i tr\u00ean h\u1ec7 th\u1ed1ng m\u1ee5c ti\u00eau.<\/p>\n<p>Nh\u00e0 cung c\u1ea5p Microsoft khuy\u1ebfn c\u00e1o ng\u01b0\u1eddi d\u00f9ng nhanh ch\u00f3ng c\u1eadp nh\u1eadt b\u1ea3n v\u00e1 n\u00e0y \u0111\u1ec3 tr\u00e1nh b\u1ecb tin t\u1eb7c khai th\u00e1c c\u00e1c l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt tr\u00ean c\u00e1c s\u1ea3n ph\u1ea9m c\u1ee7a m\u00ecnh.<\/p>\n<p><strong>Adobe<\/strong><\/p>\n<div class=\"image\"><a title=\"C\u1eadp nh\u1eadt b\u1ea3n v\u00e1 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt th\u00e1ng 4\"><img decoding=\"async\" src=\"https:\/\/tailieu.antoanthongtin.vn\/Files\/files\/site-2\/images\/20240426\/adobe.jpg\" alt=\"C\u1eadp nh\u1eadt b\u1ea3n v\u00e1 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt th\u00e1ng 4\" \/><\/a><\/div>\n<p>&nbsp;<\/p>\n<p>Th\u00e1ng 4, Adobe \u0111\u00e3 ph\u00e1t h\u00e0nh b\u1ea3n v\u00e1 \u0111\u1ec3 gi\u1ea3i quy\u1ebft 27\u00a0l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt\u00a0trong c\u00e1c s\u1ea3n ph\u1ea9m Adobe After Effects, Photoshop, Commerce, InDesign, Experience Manager, Media Encoder, Bridge, Illustrator v\u00e0 Adobe Animate. Trong 27 l\u1ed7 h\u1ed5ng c\u00f3 8 l\u1ed7 h\u1ed5ng x\u1ebfp h\u1ea1ng nghi\u00eam tr\u1ecdng v\u00e0 19 l\u1ed7 h\u1ed5ng x\u1ebfp h\u1ea1ng quan tr\u1ecdng.<\/p>\n<p>\u0110\u00e1ng ch\u00fa \u00fd, l\u1ed7 h\u1ed5ng \u0111\u1ecbnh danh CVE-2024-20759 \u0111\u01b0\u1ee3c \u0111\u00e1nh gi\u00e1 8 \u0111i\u1ec3m CVSS \u1edf s\u1ea3n ph\u1ea9m Adobe Commerce phi\u00ean b\u1ea3n 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3. \u0110\u00e2y l\u00e0 l\u1ed7 h\u1ed5ng lo\u1ea1i Cross-Site Scripting, cho ph\u00e9p k\u1ebb t\u1ea5n c\u00f4ng khi \u1edf \u0111\u1eb7c quy\u1ec1n\u00a0cao c\u00f3 th\u1ec3 \u0111\u01b0a c\u00e1c t\u1ec7p l\u1ec7nh \u0111\u1ed9c h\u1ea1i v\u00e0o c\u00e1c tr\u01b0\u1eddng d\u1ec5 b\u1ecb t\u1ea5n c\u00f4ng trong n\u1ed9i dung c\u1ee7a trang web. Khi ng\u01b0\u1eddi d\u00f9ng truy c\u1eadp v\u00e0o c\u00e1c trang web n\u00e0y, c\u00e1c t\u1ec7p l\u1ec7nh \u0111\u1ed9c h\u1ea1i c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c th\u1ef1c thi trong tr\u00ecnh duy\u1ec7t web. May m\u1eafn, kh\u00f4ng c\u00f3 l\u1ed7 h\u1ed5ng n\u00e0o \u0111\u01b0\u1ee3c b\u00e1o c\u00e1o l\u00e0 \u0111\u01b0\u1ee3c c\u00f4ng b\u1ed1 c\u00f4ng khai ho\u1eb7c \u0111ang b\u1ecb t\u00edch c\u1ef1c khai th\u00e1c t\u1ea1i th\u1eddi \u0111i\u1ec3m ph\u00e1t h\u00e0nh b\u1ea3n v\u00e1.<\/p>\n<p><strong>SAP<\/strong><\/p>\n<div class=\"image\"><a title=\"C\u1eadp nh\u1eadt b\u1ea3n v\u00e1 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt th\u00e1ng 4\"><img decoding=\"async\" src=\"https:\/\/tailieu.antoanthongtin.vn\/Files\/files\/site-2\/images\/20240426\/sap.jpg\" alt=\"C\u1eadp nh\u1eadt b\u1ea3n v\u00e1 l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt th\u00e1ng 4\" \/><\/a><\/div>\n<p>&nbsp;<\/p>\n<p>\u1ede m\u1ed9t \u0111\u1ed9ng th\u00e1i kh\u00e1c, SAP \u0111\u00e3 ph\u00e1t h\u00e0nh b\u1ea3n th\u00e1ng 4 \u0111\u1ec3 gi\u1ea3i quy\u1ebft 12 l\u1ed7 h\u1ed5ng cho c\u00e1c s\u1ea3n ph\u1ea9m c\u1ee7a m\u00ecnh. Trong \u0111\u00f3 c\u00f3 3 l\u1ed7 h\u1ed5ng nghi\u00eam tr\u1ecdng v\u00e0 9 l\u1ed7 h\u1ed5ng quan tr\u1ecdng.<\/p>\n<p>L\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt nghi\u00eam tr\u1ecdng v\u1edbi \u0111i\u1ec3m CVSS cao nh\u1ea5t \u0111\u01b0\u1ee3c v\u00e1 l\u1ea7n n\u00e0y c\u00f3 m\u00e3 \u0111\u1ecbnh danh CVE-2024-27899. L\u1ed7 h\u1ed5ng n\u00e0y khai th\u00e1c vi\u1ec7c thi\u1ebfu c\u00e1c y\u00eau c\u1ea7u b\u1ea3o m\u1eadt c\u1ea7n thi\u1ebft cho ch\u1ee9c n\u0103ng \u201cT\u1ef1 \u0111\u0103ng k\u00fd\u201d v\u00e0 \u201cThay \u0111\u1ed5i profile\u201d c\u1ee7a \u1ee9ng d\u1ee5ng qu\u1ea3n tr\u1ecb ng\u01b0\u1eddi d\u00f9ng c\u1ee7a s\u1ea3n ph\u1ea9m NetWeaver AS Java. Do v\u1eady n\u1ebfu b\u1ecb t\u1ea5n c\u00f4ng, n\u00f3 s\u1ebd t\u00e1c \u0111\u1ed9ng s\u00e2u \u0111\u1ebfn t\u00ednh b\u1ea3o m\u1eadt c\u1ee7a h\u1ec7 th\u1ed1ng. \u0110\u1ec3 gi\u1ea3m thi\u1ec3u c\u00e1c nguy c\u01a1 ti\u1ec1m \u1ea9n, SAP khuy\u1ebfn c\u00e1o ng\u01b0\u1eddi d\u00f9ng \u00e1p d\u1ee5ng\u00a0b\u1ea3n c\u1eadp nh\u1eadt\u00a0c\u00e0ng s\u1edbm c\u00e0ng t\u1ed1t.<\/p>\n<p><em>Ngu\u1ed3n tin: https:\/\/antoanthongtin.vn\/<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Trong th\u00e1ng 4\/2024, Microsoft, Adobe v\u00e0 SAP l\u1ea7n l\u01b0\u1ee3t ph\u00e1t h\u00e0nh b\u1ea3n v\u00e1 cho c\u00e1c s\u1ea3n ph\u1ea9m c\u1ee7a m\u00ecnh. Ng\u01b0\u1eddi d\u00f9ng c\u1ea7n kh\u1ea9n tr\u01b0\u01a1ng c\u00e0i \u0111\u1eb7t b\u1ea3n v\u00e1 \u0111\u1ec3 ph\u00f2ng tr\u00e1nh r\u1ee7i ro m\u1ea5t an to\u00e0n th\u00f4ng tin. Microsoft &nbsp; Trung tu\u1ea7n th\u00e1ng 4,\u00a0Microsoft \u0111\u00e3 ph\u00e1t h\u00e0nh b\u1ea3n v\u00e1 \u0111\u1ec3 gi\u1ea3i quy\u1ebft 150 l\u1ed7 h\u1ed5ng [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":3800,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[13],"tags":[],"class_list":["post-3798","post","type-post","status-publish","format-standard","has-post-thumbnail","category-tin-tuc"],"_links":{"self":[{"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/posts\/3798","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/comments?post=3798"}],"version-history":[{"count":1,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/posts\/3798\/revisions"}],"predecessor-version":[{"id":3804,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/posts\/3798\/revisions\/3804"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/media\/3800"}],"wp:attachment":[{"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/media?parent=3798"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/categories?post=3798"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/chuyendoiso.haiphong.gov.vn\/index.php\/wp-json\/wp\/v2\/tags?post=3798"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}