{"id":512617,"date":"2022-12-15T15:16:33","date_gmt":"2022-12-15T17:16:33","guid":{"rendered":"https:\/\/teknomers.com\/fr\/microsoft-reclasse-la-vulnerabilite-de-securite-de-negociation-etendue-spnego-comme-critique\/"},"modified":"2022-12-15T15:16:35","modified_gmt":"2022-12-15T17:16:35","slug":"microsoft-reclasse-la-vulnerabilite-de-securite-de-negociation-etendue-spnego-comme-critique","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/microsoft-reclasse-la-vulnerabilite-de-securite-de-negociation-etendue-spnego-comme-critique\/","title":{"rendered":"Microsoft reclasse la vuln\u00e9rabilit\u00e9 de s\u00e9curit\u00e9 de n\u00e9gociation \u00e9tendue SPNEGO comme \u00ab\u00a0critique\u00a0\u00bb"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">15 d\u00e9cembre 2022<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">S\u00e9curit\u00e9 Windows \/ S\u00e9curit\u00e9 r\u00e9seau<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><\/div>\n<p>Microsoft a r\u00e9vis\u00e9 la gravit\u00e9 d&#8217;une vuln\u00e9rabilit\u00e9 de s\u00e9curit\u00e9 qu&#8217;il avait initialement corrig\u00e9e en septembre 2022, en la mettant \u00e0 niveau vers &#8220;Critique&#8221; apr\u00e8s qu&#8217;il est apparu qu&#8217;elle pourrait \u00eatre exploit\u00e9e pour r\u00e9aliser l&#8217;ex\u00e9cution de code \u00e0 distance.<\/p>\n<p>Suivi comme <strong>CVE-2022-37958<\/strong> (score CVSS\u00a0: 8,1), la faille \u00e9tait auparavant d\u00e9crite comme une <a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2022-37958\" target=\"_blank\">vuln\u00e9rabilit\u00e9 de la divulgation d&#8217;informations<\/a> dans la n\u00e9gociation \u00e9tendue SPNEGO (<a rel=\"nofollow noopener\" href=\"https:\/\/learn.microsoft.com\/en-us\/openspecs\/windows_protocols\/ms-negoex\/77c795cf-e522-4678-b0f1-2063c5c0561c\" target=\"_blank\">N\u00c9GOX<\/a>) M\u00e9canisme de s\u00e9curit\u00e9.<\/p>\n<p>SPNEGO, abr\u00e9viation de Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO), est un sch\u00e9ma qui permet \u00e0 un client et \u00e0 un serveur distant de parvenir \u00e0 un consensus sur le choix du protocole \u00e0 utiliser (par exemple, Kerberos ou NTLM) pour l&#8217;authentification.<\/p>\n<div class=\"ad_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/uptycs-inside\" target=\"_blank\" title=\"CyberSecurity\"><img decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/12\/1670949871_285_De-graves-attaques-auraient-pu-etre-mises-en-scene-via.png\" width=\"728\" height=\"90\"\/><\/a><\/center><\/div>\n<p>Mais un <a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/chompie1337\/status\/1602757336908660736\" target=\"_blank\">analyse plus approfondie<\/a> de la faille par la chercheuse IBM Security X-Force Valentina Palmiotti a d\u00e9couvert qu&#8217;elle pouvait permettre l&#8217;ex\u00e9cution \u00e0 distance de code arbitraire, incitant Microsoft \u00e0 reclasser sa gravit\u00e9.<\/p>\n<p>&#8220;Cette vuln\u00e9rabilit\u00e9 est une vuln\u00e9rabilit\u00e9 d&#8217;ex\u00e9cution de code \u00e0 distance de pr\u00e9-authentification affectant un large \u00e9ventail de protocoles&#8221;, IBM <a rel=\"nofollow noopener\" href=\"https:\/\/securityintelligence.com\/posts\/critical-remote-code-execution-vulnerability-spnego-extended-negotiation-security-mechanism\/\" target=\"_blank\">a dit<\/a> cette semaine.  &#8220;Il a le potentiel d&#8217;\u00eatre vermifuge.&#8221;<\/p>\n<p>En particulier, la lacune pourrait permettre l&#8217;ex\u00e9cution de code \u00e0 distance via n&#8217;importe quel protocole d&#8217;application Windows qui s&#8217;authentifie, y compris HTTP, SMB et RDP.  Compte tenu de la criticit\u00e9 du probl\u00e8me, IBM a d\u00e9clar\u00e9 qu&#8217;il retenait les d\u00e9tails techniques jusqu&#8217;au deuxi\u00e8me trimestre 2023 pour donner aux organisations suffisamment de temps pour appliquer les correctifs.<\/p>\n<p>&#8220;L&#8217;exploitation r\u00e9ussie de cette vuln\u00e9rabilit\u00e9 n\u00e9cessite qu&#8217;un attaquant pr\u00e9pare l&#8217;environnement cible pour am\u00e9liorer la fiabilit\u00e9 de l&#8217;exploit&#8221;, a d\u00e9clar\u00e9 Microsoft. <a rel=\"nofollow noopener\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2022-37958\" target=\"_blank\">mis en garde<\/a> dans son avis mis \u00e0 jour.<\/p>\n<p>&#8220;Contrairement \u00e0 la vuln\u00e9rabilit\u00e9 (CVE-2017-0144) exploit\u00e9e par EternalBlue et utilis\u00e9e dans les attaques du ran\u00e7ongiciel WannaCry, qui n&#8217;affectait que le protocole SMB, cette vuln\u00e9rabilit\u00e9 a une port\u00e9e plus large et pourrait potentiellement affecter un plus large \u00e9ventail de syst\u00e8mes Windows en raison d&#8217;une attaque plus importante. surface des services expos\u00e9s \u00e0 l&#8217;internet public (HTTP, RDP, SMB) ou sur les r\u00e9seaux internes \u00bb, a not\u00e9 IBM.<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Vous avez trouv\u00e9 cet article int\u00e9ressant ?  Suivez-nous sur <a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">Twitter <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  et <a rel=\"nofollow noopener\" href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" target=\"_blank\">LinkedIn<\/a> pour lire plus de contenu exclusif que nous publions.<\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/12\/microsoft-reclassifies-spnego-extended.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue80215 d\u00e9cembre 2022\ue804Ravie LakshmananS\u00e9curit\u00e9 Windows \/ S\u00e9curit\u00e9 r\u00e9seau Microsoft a r\u00e9vis\u00e9 la gravit\u00e9 d&#8217;une vuln\u00e9rabilit\u00e9 de s\u00e9curit\u00e9 qu&#8217;il avait initialement corrig\u00e9e en septembre 2022, en la mettant \u00e0 niveau vers &#8220;Critique&#8221; apr\u00e8s qu&#8217;il est apparu qu&#8217;elle pourrait \u00eatre exploit\u00e9e pour r\u00e9aliser l&#8217;ex\u00e9cution de code \u00e0 distance. Suivi comme CVE-2022-37958 (score CVSS\u00a0: 8,1), la faille \u00e9tait [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":512618,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[1756,4168,22,4158,4165,4161,36134,4157,4159,4171,4170,4167,8362,4160,48,4163,4162,132326,1835,4172,4169,132327,4166,3667,4164],"class_list":["post-512617","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-comme","tag-comment-pirater","tag-critique","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-etendue","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-logiciel-malveillant-de-ransomware","tag-microsoft","tag-mises-a-jour-de-la-cybersecurite","tag-negociation","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-reclasse","tag-securite","tag-securite-informatique","tag-securite-internet","tag-spnego","tag-violation-de-donnees","tag-vulnerabilite","tag-vulnerabilite-logicielle"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/512617","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=512617"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/512617\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/512618"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=512617"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=512617"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=512617"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}