{"id":18284,"date":"2021-10-14T19:22:50","date_gmt":"2021-10-14T22:22:50","guid":{"rendered":"https:\/\/www.kaspersky.com.br\/blog\/?p=18284"},"modified":"2021-10-18T10:51:45","modified_gmt":"2021-10-18T13:51:45","slug":"october-patch-tuesday-vulnerabilities","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.br\/blog\/october-patch-tuesday-vulnerabilities\/18284\/","title":{"rendered":"71 raz\u00f5es para atualizar o Windows o mais r\u00e1pido poss\u00edvel"},"content":{"rendered":"<p>Durante a \u00faltima Patch Tuesday, a Microsoft consertou um total de 71 vulnerabilidades. A mais perigosa delas \u00e9 a CVE-2021-40449, <a href=\"https:\/\/encyclopedia.kaspersky.ru\/glossary\/use-after-free\/\" target=\"_blank\" rel=\"noopener\">falha use-after-free<\/a> no driver Win32k que os cibercriminosos <a href=\"https:\/\/www.kaspersky.com.br\/blog\/mysterysnail-cve-2021-40449\/18275\/\" target=\"_blank\" rel=\"noopener\">j\u00e1 est\u00e3o explorando<\/a>.<\/p>\n<p>Al\u00e9m disso, a Microsoft corrigiu tr\u00eas vulnerabilidades graves j\u00e1 conhecidas do p\u00fablico. Por enquanto, os especialistas da empresa consideram sua probabilidade de explora\u00e7\u00e3o como \u201cmenos prov\u00e1vel\u201d. No entanto, os especialistas em seguran\u00e7a est\u00e3o discutindo ativamente essas falhas e as provas de conceito (<a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/poc-proof-of-concept\/\" target=\"_blank\" rel=\"noopener\"><em>proof-of-concept<\/em><\/a> em ingl\u00eas) que est\u00e3o dispon\u00edveis na Internet \u2013 e, portanto, algu\u00e9m pode tentar se aproveitar.<\/p>\n<h2>Vulnerabilidade do kernel do Microsoft Windows<\/h2>\n<p>A <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-41335\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2021-41335<\/a>, a mais perigosa dessas tr\u00eas, \u00e9 classificada em 7,8 na escala CVSS. Contido no kernel do Microsoft Windows, permite o aumento de privil\u00e9gios de um processo potencialmente malicioso.<\/p>\n<h2>Ignorando o Windows AppContainer<\/h2>\n<p>A segunda vulnerabilidade, <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-41338\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2021-41338<\/a>, envolve contornar as restri\u00e7\u00f5es do ambiente do Windows AppContainer, que protege aplicativos e processos. Se certas condi\u00e7\u00f5es forem atendidas, uma pessoa n\u00e3o autorizada pode explor\u00e1-la gra\u00e7as \u00e0s regras padr\u00e3o da Plataforma de Filtragem do Windows. Como resultado, a explora\u00e7\u00e3o da vulnerabilidade pode levar ao aumento de privil\u00e9gios.<\/p>\n<p>Os membros do Google Project Zero <a href=\"https:\/\/bugs.chromium.org\/p\/project-zero\/issues\/detail?id=2207\" target=\"_blank\" rel=\"noopener nofollow\">descobriram<\/a> a vulnerabilidade em julho e relataram \u00e0 Microsoft, dando \u00e0 empresa um prazo de 90 dias para corrigi-la e, por fim, publicar a prova de conceito em dom\u00ednio p\u00fablico. A vulnerabilidade tem uma classifica\u00e7\u00e3o CVSS de 5,5.<\/p>\n<h2>Vulnerabilidade do servidor DNS do Windows<\/h2>\n<p>A <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-40469\" target=\"_blank\" rel=\"noopener nofollow\">CVE-2021-40469<\/a> aplica-se apenas a m\u00e1quinas Microsoft Windows em execu\u00e7\u00e3o como servidores DNS. No entanto, todas as vers\u00f5es de servidor atuais do sistema operacional, come\u00e7ando com o Server 2008 e at\u00e9 o rec\u00e9m-lan\u00e7ado Server 2022, s\u00e3o vulner\u00e1veis. A CVE-2021-40469 permite a <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/remote-code-execution-rce\/\" target=\"_blank\" rel=\"noopener\">execu\u00e7\u00e3o remota de c\u00f3digo<\/a> no servidor e tem classifica\u00e7\u00e3o de 7,2 na escala CVSS.<\/p>\n<h2>Como proteger a sua empresa<\/h2>\n<p>Os <a href=\"https:\/\/www.kaspersky.com\/blog\/most-common-initial-attack-vectors\/42379\/\" target=\"_blank\" rel=\"noopener nofollow\">resultados<\/a> do nosso Incident Response Analyst Report 2021, produzidos pelos nossos colegas que trabalham com [Incident Response placeholder] Incident Response [\/ Incident Response placeholder]<a href=\"https:\/\/www.kaspersky.com.br\/enterprise-security\/incident-response?icid=br_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">Incident Response<\/a>, indicam que as vulnerabilidades continuam sendo vetores de ataque inicial populares. Al\u00e9m disso, elas n\u00e3o s\u00e3o necessariamente as mais recentes \u2013 a principal amea\u00e7a aqui n\u00e3o s\u00e3o as 0-day, mas atrasos na instala\u00e7\u00e3o de atualiza\u00e7\u00f5es em geral. Portanto, sempre recomendamos faz\u00ea-las em todos os dispositivos conectados o mais rapidamente o poss\u00edvel. A atualiza\u00e7\u00e3o \u00e9 especialmente importante para aplicativos cr\u00edticos, como sistemas operacionais, navegadores e solu\u00e7\u00f5es de seguran\u00e7a.<\/p>\n<p>Para proteger sua empresa de ataques que usam vulnerabilidades ainda desconhecidas, use <a href=\"https:\/\/www.kaspersky.com.br\/small-to-medium-business-security?icid=br_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">solu\u00e7\u00f5es de seguran\u00e7a com tecnologias de prote\u00e7\u00e3o proativ<\/a> que podem detectar <a href=\"https:\/\/www.kaspersky.com.br\/blog\/kaspersky-oday-windows\/11169\/\" target=\"_blank\" rel=\"noopener\">exploits 0-day<\/a>.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-trial\">\n","protected":false},"excerpt":{"rendered":"<p>Na Patch Tuesday de outubro, a Microsoft corrigiu 71 vulnerabilidades, v\u00e1rias das quais s\u00e3o particularmente graves.<\/p>\n","protected":false},"author":2581,"featured_media":18285,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1119,1655,1656],"tags":[267,230],"class_list":{"0":"post-18284","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"category-smb","10":"tag-vulnerabilidades","11":"tag-windows"},"hreflang":[{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/october-patch-tuesday-vulnerabilities\/18284\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/october-patch-tuesday-vulnerabilities\/23494\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/18971\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/25571\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/october-patch-tuesday-vulnerabilities\/23643\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/23096\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/october-patch-tuesday-vulnerabilities\/26225\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/october-patch-tuesday-vulnerabilities\/31715\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/october-patch-tuesday-vulnerabilities\/10168\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/october-patch-tuesday-vulnerabilities\/42462\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/october-patch-tuesday-vulnerabilities\/17881\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/october-patch-tuesday-vulnerabilities\/15415\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/october-patch-tuesday-vulnerabilities\/27560\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/october-patch-tuesday-vulnerabilities\/27724\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/october-patch-tuesday-vulnerabilities\/24485\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/october-patch-tuesday-vulnerabilities\/29846\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/october-patch-tuesday-vulnerabilities\/29644\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.br\/blog\/tag\/windows\/","name":"Windows"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/posts\/18284","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/users\/2581"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/comments?post=18284"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/posts\/18284\/revisions"}],"predecessor-version":[{"id":18287,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/posts\/18284\/revisions\/18287"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/media\/18285"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/media?parent=18284"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/categories?post=18284"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.br\/blog\/wp-json\/wp\/v2\/tags?post=18284"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}