{"id":8035,"date":"2025-08-26T14:20:31","date_gmt":"2025-08-26T07:20:31","guid":{"rendered":"https:\/\/nopphatnguoi.vn\/blog\/microsoft-phat-hanh-ban-va-khan-cap-cho-2-lo-hong-bao-mat-sharepoint\/"},"modified":"2025-08-26T14:20:37","modified_gmt":"2025-08-26T07:20:37","slug":"microsoft-phat-hanh-ban-va-khan-cap-cho-2-lo-hong-bao-mat-sharepoint","status":"publish","type":"post","link":"https:\/\/nopphatnguoi.vn\/blog\/microsoft-phat-hanh-ban-va-khan-cap-cho-2-lo-hong-bao-mat-sharepoint\/","title":{"rendered":"Microsoft releases emergency patch for 2 SharePoint security vulnerabilities"},"content":{"rendered":"<div>\n<p>On July 21, Microsoft released an important emergency update to fix two serious security vulnerabilities in the SharePoint platform, tracked as CVE-2025-53770 and CVE-2025-53771. These vulnerabilities allow remote code execution (RCE), one of the most dangerous forms of attack, without authentication on SharePoint servers.<\/p>\n<figure><img decoding=\"async\" src=\"https:\/\/media.tripmap.vn\/blog-npn\/2025\/08\/microsoft-phat-hanh-ban-va-khan-cap-cho-2-lo-hong-bao-mat-sharepoint.webp\" alt=\"\" width=\"100%\"><\/figure>\n<p>These two vulnerabilities were discovered at the Pwn2Own hacking competition in Berlin in May. Competing teams successfully exploited the ToolShell vulnerability chain to take control of SharePoint systems. 
Although Microsoft released an initial patch in its July update, attackers quickly found a way to bypass these protections and continued attacking systems.<\/p>\n<p>According to estimates by cybersecurity firm Censys, more than 10,000 SharePoint servers worldwide are currently at risk of compromise, concentrated mainly in the United States, the Netherlands, the United Kingdom and Canada. The US Cybersecurity and Infrastructure Security Agency (CISA) warned that these vulnerabilities allow attackers to access the file system, read internal configuration and install malware remotely without a login account.<\/p>\n<p>Experts at Google Threat Intelligence describe this as &#8216;persistent unauthenticated access&#8217;, while Palo Alto Networks calls it &#8216;a real and present threat&#8217;. 
Current attack campaigns use malicious files such as spinstall0.aspx and directly target the _layouts directory, a characteristic commonly seen in targeted, large-scale APT attacks.<\/p>\n<p>Microsoft has provided specific remediation guidance for each SharePoint version, including SharePoint Server 2019, SharePoint Server 2016 and SharePoint Subscription Edition. Administrators need to update the machine keys, restart the IIS service on all SharePoint servers, and check system logs and IIS logs to detect unauthorized access.<\/p>\n<p>Some indicators to watch for include an unfamiliar file at the path C:\\Program Files\\Common Files\\Microsoft Shared\\Web Server Extensions\\16\\TEMPLATE\\LAYOUTS\\spinstall0.aspx and IIS logs showing unusual access. 
Microsoft also provides a query tool in Microsoft 365 Defender that helps quickly detect potential threats related to ToolShell.<\/p>\n<p>SharePoint system administrators need to apply the remediation measures immediately to protect their systems against these serious security vulnerabilities. At the same time, users should also stay vigilant and apply the necessary cybersecurity measures to guard against cyberattacks.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft releases an emergency update patching two new SharePoint security vulnerabilities, CVE-2023-29357 and 
CVE-2023-24953.<\/p>\n","protected":false},"author":1,"featured_media":8037,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[3,12],"tags":[70,7277,817,7278],"class_list":["post-8035","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-thoi-su","category-xa-hoi","tag-bao-mat","tag-cap-nhat-khan-cap","tag-microsoft","tag-sharepoint"],"_links":{"self":[{"href":"https:\/\/nopphatnguoi.vn\/blog\/wp-json\/wp\/v2\/posts\/8035","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nopphatnguoi.vn\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nopphatnguoi.vn\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nopphatnguoi.vn\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nopphatnguoi.vn\/blog\/wp-json\/wp\/v2\/comments?post=8035"}],"version-history":[{"count":0,"href":"https:\/\/nopphatnguoi.vn\/blog\/wp-json\/wp\/v2\/posts\/8035\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nopphatnguoi.vn\/blog\/wp-json\/wp\/v2\/media\/8037"}],"wp:attachment":[{"href":"https:\/\/nopphatnguoi.vn\/blog\/wp-json\/wp\/v2\/media?parent=8035"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nopphatnguoi.vn\/blog\/wp-json\/wp\/v2\/categories?post=8035"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nopphatnguoi.vn\/blog\/wp-json\/wp\/v2\/tags?post=8035"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}