Windows QQ client has a remote code execution vulnerability

News 2023-08-25 17:32:12 views: null

There is a high-risk security vulnerability in the Windows version of the Tencent QQ desktop client, which has not yet been fixed. It is extremely difficult to exploit and very harmful. The attacker only needs to construct an extremely simple message link: when the user clicks on the message link in QQ friends or QQ groups, QQ will automatically download and open the malicious file.

This problem affects the Windows version of QQ 9.7.13 and earlier versions, and the latest version is 9.7.13, so theoretically these versions are affected, but the QQ NT version is 9.9 +, Cyber ​​Kunlun did not mention this version, so it should be It is not affected, but users have to reinstall the QQ NT version.

Vulnerability description:

On August 20, 2023, Cyber ​​Kunlun captured a remote execution vulnerability using the QQ desktop client. This vulnerability is a logic vulnerability. Attackers can use this vulnerability to download and execute files on the QQ client without user confirmation.

When the user clicks on the message link, the QQ client will automatically download and open the file, so the attacker can create any malware and construct a message link to induce the user to click. After clicking, the user will be installed the Trojan horse without knowing it.

Scope of impact and disposal recommendations:

This problem affects the Windows version of QQ 9.7.13 and earlier versions. The latest version is 9.7.13, so there is no new version available to fix the vulnerability.

But the version number of QQ NT version is 9.9 + version , this version is not affected, but users may have to reinstall QQ NT version.

In addition, users should not click on various message links sent by others. They can read but do not click, otherwise it is easy to get tricked. Since the exploit method of this vulnerability is relatively simple, some attackers may have already started to use this method to carry out attacks.

What is the message link:

That is, the message that contains the reply. In Tencent QQ, after replying to the message by yourself or others, QQ will wrap the message in a box. Click this box to quickly view the message. It is essentially a message link.

This vulnerability exploits this function, and security experts have demonstrated it to confirm the existence of this vulnerability.

Guess you like

Origin www.oschina.net/news/254673
Recommended
Ranking
Empire cms smart tag calls four first-level recommended articles, starting from the fourth article
Linux environment installation and configuration Elasticsearch7.17
Big Data processing architecture and Lambda Kappa architecture
Explore the top of the AI large model platform - Wenxin Qianfan
Beijing car PK10 lucky airship Guanya size and value of the odd and even tips
W3B x Sui Hacker House|In-depth understanding of Sui and Move language
Know almost Ko Chan: Chinese what any decent open source software products? (Finishing from my original answer)
Comprehensively improve AD domain security authentication | Zhuyun IDaaS
Android Update Engine Analysis (24) What happened when making the downgrade package?
Spark Architecture and Operating Mechanism (1) - System Architecture
Daily
More
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)

Code World

© 2018 codetd.com