https://blog.qife122.com/tags/%E9%A9%B1%E5%8A%A8%E5%AE%89%E5%85%A8/ Recent content in 驱动安全 on 办公AI智能小助手 Hugo zh-cn qife Sun, 04 Jan 2026 03:59:31 +0800 https://blog.qife122.com/p/%E6%88%B4%E5%B0%94controlvault3%E9%A9%B1%E5%8A%A8%E7%A8%8B%E5%BA%8F%E6%9B%9D%E5%87%BA%E5%A4%9A%E4%B8%AA%E5%86%85%E5%AD%98%E8%B6%8A%E7%95%8C%E6%BC%8F%E6%B4%9E/ Sun, 04 Jan 2026 03:59:31 +0800 https://blog.qife122.com/p/%E6%88%B4%E5%B0%94controlvault3%E9%A9%B1%E5%8A%A8%E7%A8%8B%E5%BA%8F%E6%9B%9D%E5%87%BA%E5%A4%9A%E4%B8%AA%E5%86%85%E5%AD%98%E8%B6%8A%E7%95%8C%E6%BC%8F%E6%B4%9E/ <h1 id="talos-2025-2175--思科talos情报组---全面威胁情报">TALOS-2025-2175 || 思科Talos情报组 - 全面威胁情报</h1> <h2 id="漏洞报告">漏洞报告</h2> <h3 id="talos-2025-2175">TALOS-2025-2175</h3> <h4 id="dell-controlvault3-controlvault-wbdi-driver-broadcom-storage-adapter-越界写入漏洞">Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter 越界写入漏洞</h4> <p><strong>2025年11月17日</strong></p> <p><strong>CVE编号</strong> CVE-2025-36462, CVE-2025-36463, CVE-2025-36460, CVE-2025-36461</p> <p><strong>概要</strong> Dell ControlVault3 5.14.3.0的ControlVault WBDI Driver Broadcom Storage Adapter功能中存在多个越界读取和写入漏洞。特制的WinBioControlUnit调用可导致内存破坏。攻击者可发出API调用来触发此漏洞。</p> https://blog.qife122.com/p/%E6%B7%B1%E5%85%A5%E8%A7%A3%E6%9E%90ms08-066probeforread/probeforwrite%E7%BB%95%E8%BF%87%E6%BC%8F%E6%B4%9E%E7%9A%84%E6%8D%95%E8%8E%B7%E4%B8%8E%E4%BF%AE%E5%A4%8D/ Thu, 18 Sep 2025 10:33:53 +0800 https://blog.qife122.com/p/%E6%B7%B1%E5%85%A5%E8%A7%A3%E6%9E%90ms08-066probeforread/probeforwrite%E7%BB%95%E8%BF%87%E6%BC%8F%E6%B4%9E%E7%9A%84%E6%8D%95%E8%8E%B7%E4%B8%8E%E4%BF%AE%E5%A4%8D/ <h1 id="ms08-066--捕获和修复probeforread--probeforwrite绕过漏洞">MS08-066 : 捕获和修复ProbeForRead / ProbeForWrite绕过漏洞</h1> <p>afd.sys驱动程序负责处理套接字连接。MS08-066解决了afd.sys中的多个漏洞，这些漏洞可能允许攻击者在内核模式下执行任意代码。根据我们的调查，这些漏洞只能本地利用，不存在远程攻击向量。</p>