{"id":126582,"date":"2024-12-07T11:38:35","date_gmt":"2024-12-07T02:38:35","guid":{"rendered":"https:\/\/softantenna.com\/blog\/?p=126582"},"modified":"2024-12-07T11:38:35","modified_gmt":"2024-12-07T02:38:35","slug":"0patch-released-unofficial-patches-for-all-windows","status":"publish","type":"post","link":"https:\/\/softantenna.com\/blog\/0patch-released-unofficial-patches-for-all-windows\/","title":{"rendered":"0patch\u304cWindows 11\/10\u306e\u5168\u30d0\u30fc\u30b8\u30e7\u30f3\u306b\u5f71\u97ff\u3059\u308b\u30bc\u30ed\u30c7\u30a4\u8106\u5f31\u6027\u3092\u767a\u898b\u3057\u30d1\u30c3\u30c1\u3092\u516c\u958b"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/softantenna.com\/blog\/wp-content\/uploads\/2024\/08\/security-protection-anti-virus-software-60504-1.jpeg\" alt=\"\" width=\"1280\" height=\"853\" class=\"aligncenter size-full wp-image-124564\" \/><\/p>\n<p>\u30de\u30a4\u30af\u30ed\u30d1\u30c3\u30c1\u306e\u63d0\u4f9b\u30b5\u30fc\u30d3\u30b9\u3092\u63d0\u4f9b\u3059\u308b0patch\u306f12\u67085\u65e5\u3001\u653b\u6483\u8005\u304c\u30de\u30eb\u30a6\u30a7\u30a2\u3092\u4f7f\u3063\u3066NTLM\u8a8d\u8a3c\u60c5\u5831\u3092\u76d7\u3080\u3053\u3068\u3092\u53ef\u80fd\u306b\u3059\u308b\u65b0\u3057\u3044Windows\u306e\u8106\u5f31\u6027\u3092\u767a\u898b\u3057\u305f\u3053\u3068\u3092<a href=\"https:\/\/blog.0patch.com\/2024\/12\/url-file-ntlm-hash-disclosure.html\">\u767a\u8868<\/a>\u3057\u307e\u3057\u305f\u3002<\/p>\n<p>0patch\u306f\u3053\u306e\u554f\u984c\u3092\u6b21\u306e\u3088\u3046\u306b\u8aac\u660e\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<blockquote><p>\nOur researchers discovered a vulnerability on all Windows Workstation and Server versions from Windows 7 and Server 2008 R2 to the latest Windows 11 v24H2 and Server 2022.<\/p>\n<p>The vulnerability allows an attacker to obtain user's NTLM credentials by simply having the user view a malicious file in Windows Explorer - e.g., by opening a shared folder or USB disk with such file, or viewing the Downloads folder where such file was previously automatically downloaded from attacker's web page.<\/p>\n<p>\u5f53\u793e\u306e\u7814\u7a76\u8005\u306f\u3001Windows 7\u304a\u3088\u3073Server 2008 R2\u304b\u3089\u6700\u65b0\u306eWindows 11 v24H2\u304a\u3088\u3073Server 2022\u307e\u3067\u306e\u3059\u3079\u3066\u306e Windows Workstation\u304a\u3088\u3073Server\u30d0\u30fc\u30b8\u30e7\u30f3\u306b\u4e0a\u306b\u5b58\u5728\u3059\u308b\u8106\u5f31\u6027\u3092\u767a\u898b\u3057\u307e\u3057\u305f\u3002<\/p>\n<p>\u3053\u306e\u8106\u5f31\u6027\u306b\u3088\u308a\u3001\u653b\u6483\u8005\u306f\u30e6\u30fc\u30b6\u30fc\u306b Windows\u30a8\u30af\u30b9\u30d7\u30ed\u30fc\u30e9\u3067\u60aa\u610f\u306e\u3042\u308b\u30d5\u30a1\u30a4\u30eb\u3092\u95b2\u89a7\u3055\u305b\u308b\u3060\u3051\u3067\u3001\u30e6\u30fc\u30b6\u30fc\u306eNTLM\u8a8d\u8a3c\u60c5\u5831\u3092\u53d6\u5f97\u3059\u308b\u3053\u3068\u304c\u53ef\u80fd\u3068\u306a\u308a\u307e\u3059\u3002\u4f8b\u3048\u3070\u3001\u305d\u306e\u3088\u3046\u306a\u30d5\u30a1\u30a4\u30eb\u3092\u542b\u3080\u5171\u6709\u30d5\u30a9\u30eb\u30c0\u3084 USB \u30c7\u30a3\u30b9\u30af\u3092\u958b\u3044\u305f\u308a\u3001\u305d\u306e\u3088\u3046\u306a\u30d5\u30a1\u30a4\u30eb\u304c\u653b\u6483\u8005\u306e Web\u30da\u30fc\u30b8\u304b\u3089\u4ee5\u524d\u306b\u81ea\u52d5\u7684\u306b\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3055\u308c\u305f\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u30d5\u30a9\u30eb\u30c0\u3092\u95b2\u89a7\u3057\u305f\u308a\u3059\u308b\u3053\u3068\u3067\u3001\u653b\u6483\u8005\u306f\u30e6\u30fc\u30b6\u30fc\u306e NTLM \u8a8d\u8a3c\u60c5\u5831\u3092\u53d6\u5f97\u3059\u308b\u3053\u3068\u304c\u53ef\u80fd\u3068\u306a\u308a\u307e\u3059\u3002\n<\/p><\/blockquote>\n<p>\u8106\u5f31\u6027\u306fWindows 7\u304b\u3089Windows 11 24H2\u307e\u3067\u3001Windows Server 2008 R2\u304b\u3089Windows Server 2022\u307e\u3067\u306e\u3059\u3079\u3066\u306eWindows\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3001\u30b5\u30fc\u30d0\u30fc\u306b\u5f71\u97ff\u3057\u307e\u3059\u3002<\/p>\n<p>\u306a\u304a\u3001Windows Server 2025\u306f\u3053\u306e\u30ea\u30b9\u30c8\u306b\u542b\u307e\u308c\u3066\u3044\u307e\u305b\u3093\u304c\u3001Windows Server 2025\u306f\u30ea\u30fc\u30b9\u304b\u30891\u30f5\u6708\u3082\u7d4c\u3063\u3066\u3044\u306a\u3044\u305f\u3081\u3001\u307e\u3060\u30c6\u30b9\u30c8\u4e2d\u306e\u6bb5\u968e\u306b\u3042\u308b\u3068\u306e\u3053\u3068\u3002\u30c6\u30b9\u30c8\u304c\u5b8c\u4e86\u3057\u3001\u7d50\u679c\u304c\u6e80\u8db3\u3044\u304f\u3082\u306e\u3067\u3042\u308c\u30700day\u30d1\u30c3\u30c1\u306e\u767a\u884c\u3092\u958b\u59cb\u3059\u308b\u4e88\u5b9a\u3068\u306e\u3053\u3068\u3002<\/p>\n<p>\u30d1\u30c3\u30c1\u306f<a href=\"https:\/\/central.0patch.com\/auth\/login\">0patch Central<\/a>\u304b\u3089\u5165\u624b\u3067\u304d\u307e\u3059\u304c\u3001\u7121\u6599\u30a2\u30ab\u30a6\u30f3\u30c8\u3092\u4f5c\u6210\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u307e\u305f\u3001Microsoft\u4ee5\u5916\u306e\u30d1\u30c3\u30c1\u3092\u4fe1\u983c\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u306a\u3044\u3068\u3044\u3046\u65b9\u306f\u3001Microsoft\u304b\u3089\u306e\u30b3\u30e1\u30f3\u30c8\u3092\u307e\u3063\u305f\u307b\u3046\u304c\u3088\u3044\u3068\u601d\u3044\u307e\u3059(\u672c\u5f53\u306b\u6df1\u523b\u306a\u554f\u984c\u306a\u3089\u3070\u306a\u3093\u3089\u304b\u306e\u30ea\u30a2\u30af\u30b7\u30e7\u30f3\u304c\u3042\u308b\u306f\u305a\u3067\u3059)\u3002<\/p>\n<p>[via <a href=\"https:\/\/www.neowin.net\/news\/all-windows-11-10-server-versions-affected-by-a-new-zero-day-unofficial-patch-out\/\">Neowin<\/a>]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u30de\u30a4\u30af\u30ed\u30d1\u30c3\u30c1\u306e\u63d0\u4f9b\u30b5\u30fc\u30d3\u30b9\u3092\u63d0\u4f9b\u3059\u308b0patch\u306f12\u67085\u65e5\u3001\u653b\u6483\u8005\u304c\u30de\u30eb\u30a6\u30a7\u30a2\u3092\u4f7f\u3063\u3066NTLM\u8a8d\u8a3c\u60c5\u5831\u3092\u76d7\u3080\u3053\u3068\u3092\u53ef\u80fd\u306b\u3059\u308b\u65b0\u3057\u3044Windows\u306e\u8106\u5f31\u6027\u3092\u767a\u898b\u3057\u305f\u3053\u3068\u3092\u767a\u8868\u3057\u307e\u3057\u305f\u3002 0patch\u306f\u3053\u306e\u554f\u984c\u3092\u6b21\u306e\u3088\u3046 [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":124564,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"swell_btn_cv_data":"","footnotes":""},"categories":[3],"tags":[3298,2701,4387],"class_list":["post-126582","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-windows","tag-windows","tag-windows10","tag-windows11"],"_links":{"self":[{"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/posts\/126582","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/comments?post=126582"}],"version-history":[{"count":0,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/posts\/126582\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/media\/124564"}],"wp:attachment":[{"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/media?parent=126582"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/categories?post=126582"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/softantenna.com\/blog\/wp-json\/wp\/v2\/tags?post=126582"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}