Microsoft Lync Insecure Library Loading Vulnerability (CVE-2012-1849)

2015年7月21日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 緊急

概要

Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .ocsmeet file, aka "Lync Insecure Library Loading Vulnerability." nvd: Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1005050