看好注册表微软Server2003潜伏重大安全缺陷

>受影响的版本：

Windows Server 2003 (Internet Explorer 6.0)

漏洞观察：

Windows Server 2003的这个漏洞会致使远程攻击者篡改注册表"Shell Folders"目录，从而无需任何登陆认证，轻易获得系统文件夹中%USERPROFILE%文件的访问权。

ex.) %USERPROFILE% = "C:\Documents and Settings\%USERNAME%"

详细资料：

远程攻击者篡改Windows Server 2003系统注册表中的"Shell Folders"目录，通过"shell:[Shell Folders]\..\" 将本地文件与恶意程序链接。

[Shell Folders]

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders

AppData: "C:\Documents and Settings\%USERNAME%\Application Data"

Cookies: "C:\Documents and Settings\%USERNAME%\Cookies"

Desktop: "C:\Documents and Settings\%USERNAME%\Desktop"

Favorites: "C:\Documents and Settings\%USERNAME%\Favorites"

NetHood: "C:\Documents and Settings\%USERNAME%\NetHood"

Personal: "C:\Documents and Settings\%USERNAME%\My Documents"

PrintHood: "C:\Documents and Settings\%USERNAME%\PrintHood"

Recent: "C:\Documents and Settings\%USERNAME%\Recent"

SendTo: "C:\Documents and Settings\%USERNAME%\SendTo"

Start Menu: "C:\Documents and Settings\%USERNAME%\Start Menu"

Templates: "C:\Documents and Settings\%USERNAME%\Templates"

Programs: "C:\Documents and Settings\%USERNAME%\Start Menu\Programs"

Startup: "C:\Documents and Settings\%USERNAME%\Start Menu\Programs\Startup"

Local Settings: "C:\Documents and Settings\%USERNAME%\Local Settings"

Local AppData: "C:\Documents and Settings\%USERNAME%\Local Settings\Application Data"

Cache: "C:\Documents and Settings\%USERNAME%\Local Settings\Temporary Internet Files"

History: "C:\Documents and Settings\%USERNAME%\Local Settings\History"

My Pictures: "C:\Documents and Settings\%USERNAME%\My Documents\My Pictures"

Fonts: "C:\WINDOWS\Fonts"

My Music: "C:\Documents and Settings\%USERNAME%\My Documents\My Music"

My Video: "C:\Documents and Settings\%USERNAME%\My Documents\My Videos"

CD Burning: "C:\Documents and Settings\%USERNAME%\Local Settings\Application

Data\Microsoft\CD Burning"

Administrative Tools: "C:\Documents and Settings\%USERNAME%\Start

Menu\Programs\Administrative Tools"

恶意代码示例：

**************************************************

This exploit reads %TEMP%\exploit.html.

You need to create it.

And click on the malicious link.

**************************************************

Malicious link:

Exploit

微软举措：

微软已于2003年6月9日发布了此漏洞公告，计划于下一个版本的windows补丁中添加此漏洞的修补程序。

文章来源：金山毒霸编译