{"id":176949,"date":"2022-05-31T12:14:03","date_gmt":"2022-05-31T14:14:03","guid":{"rendered":"https:\/\/teknomers.com\/fr\/attention-aux-pieces-jointes-il-suffit-de-previsualiser-pour-attaquer\/"},"modified":"2022-05-31T12:14:08","modified_gmt":"2022-05-31T14:14:08","slug":"attention-aux-pieces-jointes-il-suffit-de-previsualiser-pour-attaquer","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/attention-aux-pieces-jointes-il-suffit-de-previsualiser-pour-attaquer\/","title":{"rendered":"Attention aux pi\u00e8ces jointes !  Il suffit de pr\u00e9visualiser pour attaquer"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<p>La vuln\u00e9rabilit\u00e9 pourrait permettre l&#8217;ex\u00e9cution de commandes \u00e0 distance \u00e0 l&#8217;aide de documents Microsoft Word.<\/p>\n<div role=\"button\">\n<div class=\"article-image-container\" style=\"height:;padding-bottom:60.9375%\"><img decoding=\"async\" class=\"image image-show\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/05\/1654006443_87_Attention-aux-pieces-jointes-Il-suffit-de-previsualiser-pour.jpg\" alt=\"La vuln\u00e9rabilit\u00e9 a d\u00e9j\u00e0 \u00e9t\u00e9 exploit\u00e9e.\" \/><\/div>\n<p><span class=\"caption-text\">La vuln\u00e9rabilit\u00e9 a d\u00e9j\u00e0 \u00e9t\u00e9 exploit\u00e9e.<!-- --> <\/span><span class=\"media-source\">Adobe Stock \/ AOP<\/span><\/p>\n<\/div>\n<div>\n<p class=\"paragraph\">Centre de cybers\u00e9curit\u00e9 <a rel=\"nofollow noopener\" href=\"https:\/\/www.kyberturvallisuuskeskus.fi\/fi\/haavoittuvuus_10\/2022?toggle=Lis%C3%A4tietoa%20hy%C3%B6kk%C3%A4ystavoista\" target=\"_blank\">pr\u00e9venir<\/a> Une vuln\u00e9rabilit\u00e9 zero-day existe dans l&#8217;outil de diagnostic du support Microsoft qui pourrait permettre \u00e0 un attaquant d&#8217;ex\u00e9cuter \u00e0 distance un document Word construit de mani\u00e8re malveillante.<\/p>\n<p class=\"paragraph\">&#8211; Un aper\u00e7u du document dans Microsoft Explorer ou l&#8217;ouverture d&#8217;un document contenant du code malveillant est suffisant pour exploiter la vuln\u00e9rabilit\u00e9.  &#8220;Protected View&#8221; et &#8220;Application Guard&#8221; de Microsoft prot\u00e8gent contre les vuln\u00e9rabilit\u00e9s, indique le Cyber \u200b\u200b\u200b\u200bSecurity Center.<\/p>\n<p class=\"paragraph\">En pratique, un attaquant peut acc\u00e9der \u00e0 la machine de la victime si la pr\u00e9visualisation des pi\u00e8ces jointes est activ\u00e9e.<\/p>\n<p class=\"paragraph\">On suppose que les criminels tentent de profiter de la vuln\u00e9rabilit\u00e9 et approchent \u00e9galement les Finlandais avec des messages frauduleux contenant des pi\u00e8ces jointes contamin\u00e9es.<\/p>\n<p class=\"paragraph\">Selon le Cyber \u200b\u200b\u200b\u200bSecurity Center, l&#8217;exploitation de la vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 identifi\u00e9e et aucun correctif permanent n&#8217;est encore disponible.  Par cons\u00e9quent, une attention particuli\u00e8re doit \u00eatre port\u00e9e aux documents obtenus de sources non fiables.<\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/www.iltalehti.fi\/tietoturva\/a\/6275f398-81cb-4a6e-b2eb-60e302a7653e\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-54<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>La vuln\u00e9rabilit\u00e9 pourrait permettre l&#8217;ex\u00e9cution de commandes \u00e0 distance \u00e0 l&#8217;aide de documents Microsoft Word. La vuln\u00e9rabilit\u00e9 a d\u00e9j\u00e0 \u00e9t\u00e9 exploit\u00e9e. Adobe Stock \/ AOP Centre de cybers\u00e9curit\u00e9 pr\u00e9venir Une vuln\u00e9rabilit\u00e9 zero-day existe dans l&#8217;outil de diagnostic du support Microsoft qui pourrait permettre \u00e0 un attaquant d&#8217;ex\u00e9cuter \u00e0 distance un document Word construit de mani\u00e8re [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":176950,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[153,8626,2256,507,60690,48605,6816,12192,185,72479,3890,12258,14823,13393],"class_list":["post-176949","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-24h","tag-attaquer","tag-attention","tag-aux","tag-breche-informatique-et-de-securite","tag-jointes","tag-logiciel","tag-pieces","tag-pour","tag-previsualiser","tag-suffit","tag-technologie-general","tag-technologie-de-linformation-secteurs","tag-traitement-des-donnees-et-technologies-de-linformation"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/176949","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=176949"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/176949\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/176950"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=176949"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=176949"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=176949"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}