[-IE-] ie6~ie11有重大安全漏洞(試譯版)
: Microsoft Corp is rushing to fix a bug in its widely used
: Internet Explorer web browser after a computer security
: firm disclosed the flaw over the weekend, saying hackers
: have already exploited it in attacks on some U.S. companies.
在一家網路安全公司揭露一個缺陷後的整個周末,Microsoft忙於料理一個Internet
Explorer瀏覽器上被廣泛利用的漏洞,據傳已經有hacker使用該漏洞對位於美國的一些企
業進行攻擊。
: Microsoft disclosed on Saturday its plans to fix the bug,
: which targets Internet Explorer versions 9 through 11.
Microsoft於周六揭曉關於修復該漏洞的計畫,主要將針對Internet Explorer 9到11版。
: Those versions take up 26.25 percent of the browser market,
: according to FireEye, the cybersecurity software company
: that caught the bug.
由FireEye,這個抓到本漏洞的網路安全公司所做的統計;這些將被修正的版本約占了瀏覽
器市場的26.25%。
: The bug, however, reportedly affects versions 6 through 11.
: Together, those versions dominate desktop browsing, accounting
: for 55 percent of the PC browser market, according to tech
: research firm NetMarketShare.
然而,這個漏洞據報會影響到Internet Explorer 6至11版,根據由科技研究公司
NetMarketShare的資料,所有受影響的版本占了整個PC瀏覽器55%的市佔率。
: Microsoft is rushing to fix a bug in its widely used
: Internet Explorer web browser after a computer security firm
: disclosed the flaw over the weekend
(本段與第一段重複,故省略)
: PCs running Windows XP will not receive any updates fixing that
: bug when they are released, however, because Microsoft stopped
: supporting the 13-year-old operating system earlier this month.
然而,使用Windows XP的PC將不會收到任何修復這項漏洞的更新,因為在本月稍早,
Microsoft已經終止了對這個有13年歷史的作業系統的支援。
: Security firms estimate that between 15 and 25 percent of the
: world's PCs still run Windows XP.
網路安全公司估計全球有15%到25%的PC仍在執行Windows XP。
: FireEye Inc said that a sophisticated group of hackers have been
: exploiting the bug in a campaign dubbed 'Operation Clandestine Fox.'
FireEye公司表示有群經驗老到的Hacker已經在名為"Operation Clandestine Fox"的攻擊
行動中使用了這個漏洞。
: FireEye, whose Mandiant division helps companies respond to cyber
: attacks, declined to name specific victims or identify the group
: of hackers, saying that an investigation into the matter is still
: active. It described the hackers as 'extremely proficient at lateral
: movement' and 'difficult to track.'
FireEye旗下,負責協助企業面對網路攻擊的Mandiant部門,不便透漏受害者或是與hacker
組織相關的名字,該部門表示對此漏洞的相關調查仍在進行中。這顯示這群hacker"相當熟
練於旁敲側擊"而且"難以追蹤"。
: 'It's a campaign of targeted attacks seemingly against U.S.-based
: firms, currently tied to defense and financial sectors,' FireEye
: spokesman Vitor De Souza said via email. 'It's unclear what the
: motives of this attack group are, at this point. It appears to be
: broad-spectrum intel gathering.'
"這似乎是針對美國那些與國防、金融產業息息相關的公司所進行的攻擊行動"FireEye的發
言人Vitor De Souza透過e-mail發表評論。"目前還不清楚發動攻擊組織的動機是什麼。
It appears to be broad-spectrum intel gathering.(這句不會翻)"
: He declined to elaborate, though he said one way to protect against
: them would be to switch to another browser.
儘管他沒有明說,透過他所說的話,另一個與之抗衡的方式可能是切換至另一個瀏覽器。
: The bug reportedly affects versions 6 through 11 of Internet Explorer
這個漏洞獲報會影響6到11版的Internet Explorer。
: Microsoft said in the advisory that the vulnerability could allow
: a hacker to take complete control of an affected system, then do things
: such as viewing changing, or deleting data, installing malicious
: programs, or creating accounts that would give hackers full user rights.
Microsoft在公告中表示該弱點能允許Hacker獲得系統的完整控制權,然後進行如
viewing changing(這個看不懂)、刪除資料、安裝惡意程式、或是建立一個擁有完整權限
的使用者帳號等行動。
: FireEye and Microsoft have not provided much information about the
: security flaw or the approach that hackers could use to figure out how
: to exploit it, said Aviv Raff, chief technology officer of cybersecurity
: firm Seculert.
"FireEye和Microsoft並沒有提供更多關於這個安全弱點或是Hacker可以用它來做什麼的資
訊。"Seculert網路安全公司的首席技術員Aviv Raff這麼說。
: Yet other groups of hackers are now racing to learn more about it so
: they can launch similar attacks before Microsoft prepares a security
: update, Raff said.
"其他Hacker們正快馬加鞭地從中學習(即Operation Clandestine Fox),好叫他們可以在
Microsoft釋出安全更新前發動類似的攻擊"Raff繼續說。
: 'Microsoft should move fast,' he said. 'This will snowball.'
"Microsoft得動作快了"他說"這會像雪球一樣越滾越大"
: Still, he cautioned that Windows XP users will not benefit from that
: update since Microsoft has just halted support for that product.
然後,他提醒,Windows XP的使用者將不會因為這個更新而嘗到甜頭,因為Microsoft已經
終止了對這項產品的支援。
: The software maker said in a statement to Reuters that it advises
: Windows XP users to upgrade to one of two most recently versions of
: its operating system, Windows 7 or 8.
這家軟體製造商(Microsoft)向Reuters(路透社)表示,它建議Windows XP使用者升級到旗
下兩款最新的作業系統,Windows 7或8其中之一。
===============================================================================
第一次翻譯,如有翻得不妥,歡迎指證!也謝謝原PO的原文!
話說這原文內容的重複率有點高(是因為是重點嗎?)
--
※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 36.228.53.39
※ 文章網址: http://www.ptt.cc/bbs/Browsers/M.1398695353.A.F04.html