{"id":1860,"date":"2017-04-11T08:43:27","date_gmt":"2017-04-11T05:43:27","guid":{"rendered":"https:\/\/egegen.com\/blog\/?p=1860"},"modified":"2022-09-15T17:39:57","modified_gmt":"2022-09-15T14:39:57","slug":"microsoft-office-guvenlik-acigi-word-dosya-kullanimina-izin-veriyor","status":"publish","type":"post","link":"https:\/\/egegen.com\/blog\/microsoft-office-guvenlik-acigi-word-dosya-kullanimina-izin-veriyor\/","title":{"rendered":"Microsoft Office G\u00fcvenlik A\u00e7\u0131\u011f\u0131 Word Dosya Kullan\u0131m\u0131na \u0130zin Veriyor"},"content":{"rendered":"<p><strong>Microsoft Office<\/strong> <strong>g\u00fcvenlik a\u00e7\u0131\u011f\u0131<\/strong>, bilgisayar korsanlar\u0131n\u0131n k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m y\u00fcklemek ad\u0131na Word dosyalar\u0131n\u0131\u00a0kullanmas\u0131na izin veriyor. \u00d6n\u00fcm\u00fczdeki g\u00fcnlerde\u00a0<strong>Word<\/strong>&#8216;de a\u00e7t\u0131\u011f\u0131n\u0131z dosyalar konusunda \u00e7ok dikkatli olmal\u0131s\u0131n\u0131z. Sald\u0131rganlar, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131 sisteminize\u00a0gizlemek amac\u0131yla Microsoft Office&#8217;te daha \u00f6nce a\u00e7\u0131klanamayan bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan yararlanmaktad\u0131rlar.<\/p>\n<p>S\u0131f\u0131r g\u00fcnl\u00fck yaz\u0131l\u0131m hatas\u0131 temelde vir\u00fcs bula\u015fm\u0131\u015f Word belgelerine dayan\u0131yor. Bu belgeler daha sonra zengin metin dosyalar\u0131 olarak gizlenmi\u015f k\u00f6t\u00fc ama\u00e7l\u0131 <strong>HTML<\/strong> uygulamalar\u0131n\u0131 indiriyor. HTML uygulamalar\u0131 \u00e7al\u0131\u015ft\u0131r\u0131ld\u0131ktan sonra uzaktaki bir sunucuya ba\u011flan\u0131r ve zararl\u0131 yaz\u0131l\u0131mlar\u0131 gizlice y\u00fcklemek i\u00e7in tasarlanm\u0131\u015f \u00f6zel bir komut dosyas\u0131 \u00e7al\u0131\u015ft\u0131r\u0131r.<\/p>\n<p><img class=\"alignnone size-full wp-image-1865\" src=\"https:\/\/egegen.com\/blog\/wp-content\/uploads\/2017\/04\/office-1.png\" alt=\"microsoft office\" width=\"728\" height=\"400\" \/><\/p>\n<p>As\u0131l endi\u015fe verici olan, normal makro sald\u0131r\u0131lar\u0131n\u0131n aksine, sald\u0131r\u0131 vekt\u00f6r\u00fc potansiyel sald\u0131r\u0131lar\u0131 engellemeyi zorla\u015ft\u0131r\u0131r. G\u00fcvenlik a\u00e7\u0131\u011f\u0131, <strong>McAfee<\/strong> ara\u015ft\u0131rmac\u0131lar\u0131 taraf\u0131ndan ge\u00e7en Cuma g\u00fcn\u00fc detayl\u0131 olarak a\u00e7\u0131kland\u0131. O g\u00fcnden\u00a0sonra, di\u011fer siber g\u00fcvenlik \u015firketi olan <strong>FireEye<\/strong>, <strong>Microsoft<\/strong>&#8216;un bu sorunu d\u00fczeltene kadar \u015firketin hi\u00e7bir a\u00e7\u0131klama yapmayaca\u011f\u0131n\u0131 bildiren bir blog yay\u0131nlad\u0131.\u00a0Ancak her iki \u015firket de, sorunun son birka\u00e7 y\u0131ld\u0131r birka\u00e7 kez istismar edilen Windows Nesnesi Ba\u011flama ve G\u00f6mme (OLE) i\u015flevi ile ili\u015fkili oldu\u011funu belirtti.<\/p>\n<p>Ara\u015ft\u0131rmac\u0131lara g\u00f6re bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131; <strong>Office 2016<\/strong> da dahil olmak \u00fczere t\u00fcm Office s\u00fcr\u00fcmlerini etkiliyor.\u00a0Neyse ki, bir Microsoft s\u00f6zc\u00fcs\u00fc, Microsoft&#8217;un ayl\u0131k g\u00fcncellemesinin bug\u00fcn yap\u0131laca\u011f\u0131n\u0131 ve bu sorunun g\u00fcncelleme ile ortadan kald\u0131r\u0131laca\u011f\u0131n\u0131 do\u011frulad\u0131.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft Office g\u00fcvenlik a\u00e7\u0131\u011f\u0131, bilgisayar korsanlar\u0131n\u0131n k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m y\u00fcklemek ad\u0131na Word dosyalar\u0131n\u0131\u00a0kullanmas\u0131na izin veriyor. \u00d6n\u00fcm\u00fczdeki g\u00fcnlerde\u00a0Word&#8216;de a\u00e7t\u0131\u011f\u0131n\u0131z dosyalar konusunda \u00e7ok dikkatli olmal\u0131s\u0131n\u0131z. Sald\u0131rganlar, k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131mlar\u0131 sisteminize\u00a0gizlemek amac\u0131yla Microsoft Office&#8217;te daha \u00f6nce a\u00e7\u0131klanamayan bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan yararlanmaktad\u0131rlar. S\u0131f\u0131r g\u00fcnl\u00fck yaz\u0131l\u0131m hatas\u0131 temelde vir\u00fcs bula\u015fm\u0131\u015f Word belgelerine dayan\u0131yor. Bu belgeler daha sonra zengin metin dosyalar\u0131 &hellip;<\/p>\n","protected":false},"author":1,"featured_media":1861,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[178],"tags":[],"_links":{"self":[{"href":"https:\/\/egegen.com\/blog\/wp-json\/wp\/v2\/posts\/1860"}],"collection":[{"href":"https:\/\/egegen.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/egegen.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/egegen.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/egegen.com\/blog\/wp-json\/wp\/v2\/comments?post=1860"}],"version-history":[{"count":0,"href":"https:\/\/egegen.com\/blog\/wp-json\/wp\/v2\/posts\/1860\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/egegen.com\/blog\/wp-json\/wp\/v2\/media\/1861"}],"wp:attachment":[{"href":"https:\/\/egegen.com\/blog\/wp-json\/wp\/v2\/media?parent=1860"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/egegen.com\/blog\/wp-json\/wp\/v2\/categories?post=1860"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/egegen.com\/blog\/wp-json\/wp\/v2\/tags?post=1860"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}