TR-20-198 (Corel PaintShop Pro Zafiyeti)

Genel Bilgi

Corel PaintShop Pro ürününde kritik ACE zafiyetleri tespit edildi.

Etki

Birden çok mevcut güvenlik açıklığı nedeniyle, siber saldırganlar tarafından hedef alınan sistemlerde zafıyete sebebiyet verebilmektedir. Bu zafiyetin ileriki zamanlarda zararlı yazılım yaymakta da kullanılabileceği öngörülmektedir.

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM), sistem yöneticilerine; Corel PaintShop Pro uygulamasının bilinmeyen kaynaklardan gelen dosyaları açarken ve kullanırken dikkatli olunması önerilmektedir.

Kaynaklar

https://www.zerodayinitiative.com/advisories/ZDI-20-351/

https://www.zerodayinitiative.com/advisories/ZDI-20-352/

https://www.zerodayinitiative.com/advisories/ZDI-20-353/

https://www.zerodayinitiative.com/advisories/ZDI-20-354/

https://www.zerodayinitiative.com/advisories/ZDI-20-355/

https://www.zerodayinitiative.com/advisories/ZDI-20-356/

https://www.zerodayinitiative.com/advisories/ZDI-20-357/

https://www.zerodayinitiative.com/advisories/ZDI-20-358/

https://www.zerodayinitiative.com/advisories/ZDI-20-359/

https://www.zerodayinitiative.com/advisories/ZDI-20-360/

https://www.zerodayinitiative.com/advisories/ZDI-20-361/

https://www.zerodayinitiative.com/advisories/ZDI-20-362/

https://www.zerodayinitiative.com/advisories/ZDI-20-363/

https://www.zerodayinitiative.com/advisories/ZDI-20-364/

https://www.zerodayinitiative.com/advisories/ZDI-20-365/

https://www.zerodayinitiative.com/advisories/ZDI-20-366/

https://www.zerodayinitiative.com/advisories/ZDI-20-367/

https://www.cybersecurity-help.cz/vdb/SB2020040613

2020-04-06