{"id":667,"date":"2002-12-14T00:00:00","date_gmt":"2002-12-13T23:00:00","guid":{"rendered":"https:\/\/destinationcyber.com\/?p=667"},"modified":"2002-12-14T00:00:00","modified_gmt":"2002-12-13T23:00:00","slug":"huit-nouveaux-trous-de-securite-dans-la-machine-java-de-microsoft","status":"publish","type":"post","link":"https:\/\/destinationcyber.com\/?p=667","title":{"rendered":"Huit nouveaux trous de s\u00e9curit\u00e9 dans la machine Java de Microsoft"},"content":{"rendered":"

L’\u00e9diteur encourage les administrateurs syst\u00e8me \u00e0 appliquer un patch de s\u00e9curit\u00e9 pour combler huit failles affectant ses syst\u00e8mes Windows. Deux autres alertes de s\u00e9curit\u00e9 ont \u00e9t\u00e9 \u00e9galement publi\u00e9es le 11 d\u00e9cembre<\/p>\n

Microsoft vient de livrer un important correctif de s\u00e9curit\u00e9 (r\u00e9f\u00e9rence : MS02-069<\/a><\/HTML>) concernant la machine virtuelle Java (JVM) que l’\u00e9diteur inclut dans ses syst\u00e8mes Windows 95, 98, ME, NT, 2000 et XP. Ce patch rectifie huit failles de s\u00e9curit\u00e9 – dont l’une est jug\u00e9e critique par Microsoft – affectant la JVM de l’\u00e9diteur.<\/p>\n

Le trou de s\u00e9curit\u00e9 le plus important permet \u00e0 un pirate de prendre le contr\u00f4le de la machine attaqu\u00e9e. Normalement, la machine virtuelle Java a des m\u00e9canismes de s\u00e9curit\u00e9 emp\u00eachant les applets d’invoquer un objet COM (Component Object Model de Microsoft). Mais, il existe une m\u00e9thode pour contourner ces v\u00e9rifications de s\u00e9curit\u00e9, d’o\u00f9 l’existence de la faille. <\/p>\n

Microsoft a, par ailleurs, publi\u00e9 deux autres correctifs ( MS02-071<\/a><\/HTML> et MS02-070<\/a><\/HTML>) pour corriger deux autres probl\u00e8mes de s\u00e9curit\u00e9. Le premier est qualifi\u00e9 d’important et concerne les syst\u00e8mes Windows NT 4, 2000 et XP. Un pirate peut utiliser un message Windows, appel\u00e9 WM_TIMER, pour obtenir des privil\u00e8ges d’administrateur sur une machine.<\/p>\n

Enfin, la faille num\u00e9rot\u00e9e 070 touche le protocole SMB (Server Message Block) de Windows et permet \u00e0 un pirate de modifier les politiques de groupe sur des contr\u00f4leurs de domaine.<\/p>\n

[source – 01net.com]<\/p>\n","protected":false},"excerpt":{"rendered":"

L’\u00e9diteur encourage les administrateurs syst\u00e8me \u00e0 appliquer un patch de s\u00e9curit\u00e9 pour combler huit failles affectant ses syst\u00e8mes Windows. Deux autres alertes de s\u00e9curit\u00e9 ont \u00e9t\u00e9 \u00e9galement publi\u00e9es le 11 d\u00e9cembre<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_citadela_custom_class":"","footnotes":""},"categories":[15],"tags":[],"class_list":["post-667","post","type-post","status-publish","format-standard","hentry","category-securite"],"_links":{"self":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/667","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=667"}],"version-history":[{"count":0,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=\/wp\/v2\/posts\/667\/revisions"}],"wp:attachment":[{"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=667"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=667"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/destinationcyber.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=667"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}