CN107577948A - A kind of leak restorative procedure and device - Google Patents

A kind of leak restorative procedure and device Download PDF

Info

Publication number
CN107577948A
CN107577948A CN201710726288.4A CN201710726288A CN107577948A CN 107577948 A CN107577948 A CN 107577948A CN 201710726288 A CN201710726288 A CN 201710726288A CN 107577948 A CN107577948 A CN 107577948A
Authority
CN
China
Prior art keywords
file
patch
leak
local
catalogue
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710726288.4A
Other languages
Chinese (zh)
Other versions
CN107577948B (en
Inventor
徐鹏捷
陈雄
赵剑锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
3600 Technology Group Co ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201710726288.4A priority Critical patent/CN107577948B/en
Publication of CN107577948A publication Critical patent/CN107577948A/en
Application granted granted Critical
Publication of CN107577948B publication Critical patent/CN107577948B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Stored Programmes (AREA)

Abstract

The invention provides a kind of leak restorative procedure and device.This method includes:The service packs repaired to local leak is obtained, wherein, the service packs includes patch file catalogue and patch file identity information;Patch file catalogue in the service packs obtains corresponding file to be installed, and the assigned catalogue by the file cache to be installed to local;Using the patch file identity information, the file to be installed cached to the assigned catalogue is verified, judges whether the file to be installed is tampered, obtains judged result;The file to be installed cached to the assigned catalogue is handled accordingly according to the judged result, and buffer status is adjusted to installment state after the completion of to all file process to be installed, so as to complete the reparation to the local leak.The present invention can avoid installing the releasing document needed for local patch file and service packs after patch it is inconsistent caused by blank screen or the problems such as blue screen.

Description

A kind of leak restorative procedure and device
Technical field
The present invention relates to computer security technique field, more particularly to a kind of leak restorative procedure and device.
Background technology
Computer system is collectively constituted by computer's software resource and hardware resource, and computer operating system is computer The basis of software resource and core.However, the design and exploitation of operating system are a complexity and great system engineering, unavoidably Various defects and mistake occur, these defects and mistake are normally referred to as system vulnerability.System vulnerability may cause serious Mistake, it is also possible to utilized by illegal person, carry out the rogue programs such as transmitted virus, wooden horse.For some application software be also as This, equally occurs the leak that may cause serious consequence during design and exploitation.So find in time and handle this A little leaks are also the important component of whole soft project.
The common practice that the developer of operating system or application software provides the user patching bugs is to provide for being sent out The patch of existing leak is selected and installed in user terminal to user.In the prior art, such as windows operate System, during user terminal carries out patch installation, when discharge patch file to it is local when, if local existing corresponding System file, then the system file is obtained from local, to reduce system resource consuming.
However, a large amount of modification edition systems are presently, there are, such as typical ghost systems, rainforest wood wind system etc..At this In a little modification edition systems, some local system files are not often produced person or distorted by virus, wooden horse etc..Even for original Edition system, after virus, wooden horse etc. has been infected, the situation that local system file is tampered can also occur.So, when under user When load official patch is installed, if from the local system file for obtaining and being tampered, due to acquired local system text Part and the file of release needed for patch are inconsistent, when computer is restarted after patch installation, it may appear that blank screen even blue screen The problems such as, influence the normal use of computer.For example in NSA events, largely it is mounted with the computer of the operating systems of windows 7 After being mounted with to extort the patch for the leak that virus is attacked for repairing eternal indigo plant, occur because system file is inconsistent The problems such as caused blank screen or blue screen.Therefore, urgent need to resolve above mentioned problem.
The content of the invention
In view of the above problems, it is proposed that the present invention so as to provide one kind overcome above mentioned problem or at least in part solve on State the leak restorative procedure of problem and corresponding device.
Based on an aspect of of the present present invention, the embodiments of the invention provide a kind of leak restorative procedure, including:
The service packs repaired to local leak is obtained, wherein, the service packs includes patch file catalogue and benefit Fourth file identity information;
Patch file catalogue in the service packs obtains corresponding file to be installed, and by the file to be installed Cache to the assigned catalogue of local;
Using the patch file identity information, school is carried out to the file to be installed cached to the assigned catalogue Test, judge whether the file to be installed is tampered, obtain judged result;
The file to be installed cached to the assigned catalogue is handled accordingly according to the judged result, and Buffer status is adjusted to installment state after the completion of to all file process to be installed, so as to complete to the local The reparation of leak.
Alternatively, the patch file catalogue in the service packs obtains corresponding file to be installed, including:
Patch file catalogue releasing document in the service packs obtains file to be installed, also, in the mistake of release Cheng Zhong, if local have corresponding file, this document is obtained from local.
Alternatively, the local leak include it is following in it is one of any:
The leak of native operating sys-tern, locally applied leak.
Alternatively, when the local leak is the leak of native operating sys-tern, the assigned catalogue is WinSxS catalogues.
Alternatively, the patch file identity information includes:The title of patch file, the unique identity of patch file And the algorithm of the unique identity of the generation patch file;Also,
Using the patch file identity information, school is carried out to the file to be installed cached to the assigned catalogue Test, judge whether the file to be installed is tampered, including:
The algorithm for the unique identity for generating the patch file is obtained from the service packs;
The unique identity of the file to be installed is calculated using the algorithm;
According to the title of the patch file, by the unique identity of the file to be installed and the corresponding patch The unique identity of file contrasts one by one;
If the unique identity of the file to be installed differs with the unique identity of the corresponding patch file Cause, then judge that the file to be installed is tampered;
If the unique identity phase one of the unique identity of the file to be installed and the corresponding patch file Cause, then judge that the file to be installed is not tampered with.
Alternatively, the unique identity is cryptographic Hash;Also,
The algorithm includes the one of any of following algorithm:SHA1、MD2、MD4、MD5.
Alternatively, the file to be installed cached to the assigned catalogue is carried out according to the judged result corresponding Processing, including:
It is tampered if the judged result is the file to be installed, utilizes the corresponding patch file in the service packs Replace the file to be installed being tampered in the assigned catalogue;
It is not tampered with if the judged result is the file to be installed, keeps the file to be installed constant.
Alternatively, after the completion of to all file process to be installed, by calling assignment component management interface by institute State buffer status and be adjusted to installment state.
Alternatively, the assignment component management interface is the service interface based on component.
Based on another aspect of the present invention, the embodiment of the present invention additionally provides a kind of leak prosthetic device, including:
Acquisition module, suitable for obtaining the service packs repaired to local leak, wherein, the service packs includes patch File directory and patch file identity information;
Cache module, corresponding file to be installed is obtained suitable for the patch file catalogue in the service packs, and will The file cache to be installed to local assigned catalogue;
Correction verification module, suitable for utilizing the patch file identity information, to caching to waiting to pacify described in the assigned catalogue Dress file is verified, and is judged whether the file to be installed is tampered, is obtained judged result;
Processing module, suitable for being carried out according to the judged result to the file to be installed cached to the assigned catalogue Corresponding processing;And
State adjusting module, suitable for after the completion of to all file process to be installed, buffer status is adjusted to Installment state, so as to complete the reparation to the local leak.
Alternatively, the patch file catalogue releasing document that the cache module is further adapted in the service packs is treated Installation file, also, during release, if local have corresponding file, this document is obtained from local.
Alternatively, the patch file identity information includes:The title of patch file, the unique identity of patch file And the algorithm of the unique identity of the generation patch file;Also, the correction verification module is further adapted for:
The algorithm for the unique identity for generating the patch file is obtained from the service packs;
The unique identity of the file to be installed is calculated using the algorithm;
According to the title of the patch file, by the unique identity of the file to be installed and the corresponding patch The unique identity of file contrasts one by one;
If the unique identity of the file to be installed differs with the unique identity of the corresponding patch file Cause, then judge that the file to be installed is tampered;
If the unique identity phase one of the unique identity of the file to be installed and the corresponding patch file Cause, then judge that the file to be installed is not tampered with.
Alternatively, the unique identity is cryptographic Hash;Also, the algorithm includes the one of any of following algorithm: SHA1、MD2、MD4、MD5。
Alternatively, the processing module is further adapted for:
It is tampered if the judged result is the file to be installed, utilizes the corresponding patch file in the service packs Replace the file to be installed being tampered in the assigned catalogue;
It is not tampered with if the judged result is the file to be installed, keeps the file to be installed constant.
Alternatively, the state adjusting module is further adapted for after the completion of to all file process to be installed, passes through tune The buffer status is adjusted to installment state with assignment component management interface.
In embodiments of the present invention, by first delaying the file to be installed that the patch file catalogue in service packs obtains Deposit into the assigned catalogue of local, school is carried out to the file to be installed of caching using the patch file identity information in service packs Test, judge whether file to be installed is tampered, obtain judged result;And then caching to assigned catalogue is treated according to judged result Installation file is handled accordingly, and after the completion of to all file process to be installed is adjusted to buffer status to have installed shape State, so as to complete the reparation to local leak.Because the embodiment of the present invention first caches file to be installed, text to be installed is then verified Part, buffer status is finally adjusted to installment state again, ensure that for needed for the file and service packs of local leak reparation Releasing document it is consistent, so as to avoid after installation patch due to file it is inconsistent caused by blank screen or the problems such as blue screen.
Further, in embodiments of the present invention, if file to be installed and the corresponding document in service packs are inconsistent, judge File to be installed is tampered, and the file to be installed being tampered is replaced using the corresponding document in service packs, all having verified After file to be installed, then buffer status is adjusted to installment state, patch file is come into force to complete leak reparation.Due to this The file to be installed being tampered being buffered in assigned catalogue is replaced with corresponding original in service packs by inventive embodiments, real Show in patch installation process to the reparation for the local file being tampered, ensured to discharge needed for local patch file and service packs File it is consistent, so as to avoid after installation patch due to file it is inconsistent caused by blank screen or the problems such as blue screen.In addition, this hair The leak restorative procedure and device that bright embodiment provides are especially suitable for NSA " eternal indigo plant " leak patch more new tools and leakage Repair engine in hole.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention, And can be practiced according to the content of specification, and in order to allow above and other objects of the present invention, feature and advantage can Become apparent, below especially exemplified by the embodiment of the present invention.
According to the accompanying drawings will be brighter to the detailed description of the specific embodiment of the invention, those skilled in the art Above-mentioned and other purposes, the advantages and features of the present invention.
Brief description of the drawings
By reading the detailed description of hereafter preferred embodiment, it is various other the advantages of and benefit it is common for this area Technical staff will be clear understanding.Accompanying drawing is only used for showing the purpose of preferred embodiment, and is not considered as to the present invention Limitation.And in whole accompanying drawing, identical part is denoted by the same reference numerals.In the accompanying drawings:
Fig. 1 shows the process chart of leak restorative procedure according to an embodiment of the invention;
Fig. 2 shows the process chart of leak restorative procedure according to another embodiment of the present invention;And
Fig. 3 shows the structural representation of leak prosthetic device according to an embodiment of the invention.
Embodiment
The exemplary embodiment of the disclosure is more fully described below with reference to accompanying drawings.Although the disclosure is shown in accompanying drawing Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure without should be by embodiments set forth here Limited.On the contrary, these embodiments are provided to facilitate a more thoroughly understanding of the present invention, and can be by the scope of the present disclosure Completely it is communicated to those skilled in the art.
In order to solve the above technical problems, the embodiments of the invention provide a kind of leak restorative procedure.Fig. 1 is shown according to this Invent the process chart of the leak restorative procedure of an embodiment.Referring to Fig. 1, the leak restorative procedure may comprise steps of S102 to step S108.
Step S102, the service packs repaired to local leak is obtained, wherein, service packs includes patch file catalogue With patch file identity information.
Step S104, patch file catalogue in service packs obtains corresponding file to be installed, and by text to be installed Part is cached to the assigned catalogue of local.
Step S106, using patch file identity information, the file to be installed cached to assigned catalogue is verified, sentenced Whether the file to be installed that breaks is tampered, and obtains judged result.
Step S108, the file to be installed cached to assigned catalogue is handled accordingly according to judged result, and To buffer status is adjusted into installment state after the completion of all file process to be installed, so as to complete that local leak is repaiied It is multiple.
In embodiments of the present invention, by first delaying the file to be installed that the patch file catalogue in service packs obtains Deposit into the assigned catalogue of local, school is carried out to the file to be installed of caching using the patch file identity information in service packs Test, judge whether file to be installed is tampered, obtain judged result;And then caching to assigned catalogue is treated according to judged result Installation file is handled accordingly, and after the completion of to all file process to be installed is adjusted to buffer status to have installed shape State, so as to complete the reparation to local leak.Because the embodiment of the present invention first caches file to be installed, text to be installed is then verified Part, buffer status is finally adjusted to installment state again, ensure that for needed for the file and service packs of local leak reparation Releasing document it is consistent, so as to avoid after installation patch due to file it is inconsistent caused by blank screen or the problems such as blue screen.
In above step S102, local leak both can be the leak of native operating sys-tern, such as currently used The leak of Windows7 operating systems or locally applied leak, such as the leak of blue letter Enterprise Mobile working software, Etc., not limited to this of the embodiment of the present invention.In addition, local here can be computer, smart mobile phone, tablet personal computer, intelligent hand On the terminal devices such as table.
Before step S102, existing leak repair function product can be run to scan and judge current user system Whether system environment can or need to install the patch for repairing local leak.Accordingly, in step s 102, according to leakage The scanning result of hole repair function product obtains the service packs repaired to local leak.In actual applications, both can be from High in the clouds obtains service packs, can also not be restricted herein by other means.In order to ensure the integrality of patch bag data, standard True property and security, after service packs is obtained, carry out landing file checking and signature checks.
Patch file catalogue and patch file identity information can be included in service packs, released to indicate to install needed for patch The file and relevant information put.Further, patch file identity information can include:The title of patch file, patch file Unique identity and generate algorithm of unique identity etc. of patch file.In a preferred embodiment, The unique identity of file is Hash (hash) value.Here, the hash algorithm of the hash values for generating file can include SHA1, MD5, MD4, MD2 etc..The design principle of above-mentioned hash algorithm is well-known to those skilled in the art, is no longer gone to live in the household of one's in-laws on getting married herein State.
The service packs of the windows7 system vulnerabilities of virus attack is extorted for recovery " eternal indigo plant " below Exemplified by kb4012212.cab, the patch file catalogue included by service packs and patch file identity information are illustrated. The titles of all patch files, attribute, hash are have recorded in kb4012212.cab inventory file manifest_.cix.xml Value and algorithm etc., are listed below the partial content in inventory file, physical record form is as follows:
The value of the title, i.e. field name of the file of release needed for being obtained from above inventory file part:x86_ microsoft-windows-smss_31bf3856ad364e35_7.1.7601.23677_none_9ffe1ebf1ba6284b\ apisetschema.dll。
In addition, the hash values of discharged file, i.e. field Hash can also be obtained from above inventory file part Value value:711e072b7667e845976bfa47627a6786160a4de1, and corresponding algorithm:SHA1.
In above step S104, after service packs is obtained, patch file catalogue in service packs is by required benefit Fourth file is discharged to locally-available file to be installed, and the assigned catalogue by file cache to be installed to local.It should be noted It is that during release, if local have corresponding file, this document is directly obtained from local.Still grasped with windows Exemplified by making the leak reparation of system, during patch package file discharges, if detecting the finger of local existing required release Determine the patch file of version, then directly replicate the patch file of the indicated release from local, rather than obtained from service packs.
However, the file that the logic of existing windows more new tools is only detected needed for leak reparation whether there is, but simultaneously Whether the content for not detecting file has been tampered, and more the file that be tampered will not be corrected.So, if existing for local The patch file of the indicated release has been tampered, and after installation is complete, the patch file being tampered will come into force, so as to cause The problems such as blank screen or even blue screen.Leak recovery scenario provided in an embodiment of the present invention can efficiently solve this problem, that is, exist In the method for the present embodiment, first the assigned catalogue by file cache to be installed (staged) to local, is in file to be installed Staged states rather than it is directly changed into (installed) state has been installed.It should be noted that buffer status here is A kind of intermediateness, file also Pending The Entry Into Force under buffer status different from installment state.By by file cache to be installed To the assigned catalogue of local, when the file to be installed being tampered be present, the file to be installed that can avoid being tampered directly is given birth to The problems such as imitating, and then preventing thus caused blank screen or even blue screen.
When local leak is the leak of native operating sys-tern, assigned catalogue can be under C disk windows directorys WinSxS catalogues.
Patch file identity information is utilized in above step S106, the file to be installed cached to assigned catalogue is carried out Verification, judges whether file to be installed is tampered, in this scenario, first the embodiments of the invention provide a kind of optional scheme First, the algorithm of the unique identity of generation patch file is obtained from service packs;Then, calculated using acquired algorithm slow The unique identity for the file to be installed deposited;Again, according to the title of patch file, by the file to be installed being calculated Unique identity is contrasted one by one with the unique identity of the corresponding patch file recorded in service packs;Finally, if The unique identity and the unique identity of corresponding patch file for the file to be installed being calculated are inconsistent, then judge The file to be installed has been tampered, and otherwise, then judges that the file to be installed is not tampered with.
Below still with the patch file x86_microsoft-windows-smss_ in service packs kb4012212.cab 31bf3856ad364e35_7.1.7601.23677_none_9ffe1ebf1ba6284b exemplified by apisetschema.dll, it is right The specific implementation process of this step illustrates:
First, obtained from kb4012212.cab inventory file manifest_.cix.xml and generate above-mentioned patch file Hash values algorithm SHA1;
Then, using acquisition patch file SHA1 algorithms, calculate according to above-mentioned steps S104 cache to local finger Determine catalogue (i.e. C:Windows WinSxS) file to be installed hash values;
Again, the hash values that will record in the hash values being calculated and inventory file manifest_.cix.xml " 711e072b7667e845976bfa47627a6786160a4de1 " is contrasted;
Finally, it is both if above-mentioned inconsistent, judge the file x86_microsoft-windows-smss_ to be installed 31bf3856ad364e35_7.1.7601.23677_none_9ffe1ebf1ba6284b apisetschema.dll be tampered, Otherwise, then judge that the file to be installed is not tampered with.
In the method for the embodiment of the present invention, by contrasting the file to be installed of local cache and the benefit in service packs one by one The unique identity of fourth file, preferably hash values, can accurately, easily detect whether local file to be installed is usurped Change, handled accordingly if being tampered, come into force caused blank screen very so as to prevent from installing the file being tampered after patch The problems such as to blue screen.
After above step S106 verifies to the file to be installed of caching, step S108 is then according to judged result to slow Deposit to the file to be installed of assigned catalogue and handled accordingly, specifically, is tampered if judged result is file to be installed, The file to be installed being tampered in assigned catalogue is replaced using the corresponding patch file in service packs, if judged result is to be installed File is not tampered with, then keeps the file to be installed in assigned catalogue constant.
In actual applications, both phase just can be carried out to it according to judged result using a file to be installed has often been verified The mode for the processing answered, it can also use after verification is completed to all files to be installed, be treated further according to judged result to each The mode that installation file is handled accordingly, this is not restricted.
By the way that the file to be installed being tampered being buffered in assigned catalogue is replaced with into corresponding original in service packs, Realize the reparation of the file to be installed to being tampered, so as to prevent from installing the file that is tampered after patch come into force caused by it is black The problems such as screen or even blue screen.
Finally, after the completion of to all file process to be installed, by calling assignment component management interface by text to be installed The buffer status of part is adjusted to installment state, file is come into force, so as to complete the reparation to local leak.The assignment component pipe Reason interface possesses the function of the states such as the peace loading, unloading of changeover module.In a preferred embodiment, the assignment component management Interface is service (Component-based servicing, CBS) interface based on component.
It can be seen that in embodiments of the present invention according to above-mentioned analysis, by first by the patch file in service packs The file cache to be installed that catalogue obtains is into the assigned catalogue of local, using the patch file identity information in service packs to slow The file to be installed deposited is verified, if file to be installed and the corresponding document in service packs are inconsistent, judges text to be installed Part is tampered, and the file to be installed being tampered is replaced using the corresponding document in service packs, is waited and has been verified all texts to be installed After part, then buffer status is adjusted to installment state, patch file is come into force to complete the scheme of leak reparation, realize To the reparation for the local file being tampered in patch installation process, ensure local patch file and releasing document needed for service packs Unanimously, so as to avoid after installation patch due to file it is inconsistent caused by blank screen or the problems such as blue screen.
A variety of implementations of the links of embodiment illustrated in fig. 1 are described above, a specific implementation will be passed through below Example come be discussed in detail the present invention leak restorative procedure implementation process.
Fig. 2 shows the process chart of leak restorative procedure according to another embodiment of the present invention, and this method is used to repair Duplicate windows operating systems leak.Referring to Fig. 2, the leak restorative procedure may comprise steps of S202 to step S210。
S202, the service packs repaired to the leak of local windows operating systems is obtained, wherein, wrapped in service packs Include patch file catalogue and patch file identity information.
Specifically, the service packs for carrying out leak reparation can be directly downloaded from official website of Microsoft, or can also be passed through Other instruments such as 360 security guards etc. obtain service packs.After service packs is obtained, carry out landing file checking and signature inspection Look into, to ensure the integrality of patch bag data, accuracy and security.
Service packs includes patch file catalogue, and the title of each patch file, hash values and generation patch file The algorithm of hash values.Above- mentioned information is recorded in the inventory file manifest_.cix.xml of service packs.
S204, the patch file catalogue releasing document in service packs obtain file to be installed, and by file to be installed Cache to the WinSxS catalogues of local.
Specifically, the patch file catalogue recorded according to inventory file manifest_.cix.xml in service packs, which discharges, mends File in fourth bag is to obtain file to be installed, also, during release, if detect it is local it is existing needed for release The patch file of indicated release, then the patch file of the indicated release is directly replicated as file to be installed from local.Then, will C of the obtained file cache to be installed to local:Windows WinSxS catalogues, make file to be installed be in caching (staged) state is without directly coming into force.
S206, using patch file identity information, the file to be installed cached to WinSxS catalogues is entered based on hash values Row verification, judges whether file to be installed is tampered, obtains judged result.
Specifically, step S206 can be implemented by following operation:
First, the algorithm of the hash values of generation patch file is obtained from service packs.In embodiments of the present invention, generation is mended The algorithm of the hash values of fourth file can be SHA1, MD5 etc..
Secondly, by being scanned to the file to be installed being buffered in WinSxS catalogues, acquired algorithm pair is utilized It carries out calculating and handles to obtain the hash values of each file to be installed.
Again, according to the title of patch file, by the hash values for the file to be installed being calculated and corresponding patch text The hash values of part contrast one by one, judge whether file to be installed is tampered.
Finally, if the hash values of file to be installed and the hash values of corresponding patch file are inconsistent, judged result is File to be installed is tampered, if both are consistent, judged result is that file to be installed is not tampered with.
It is tampered if S208, judged result are file to be installed, is replaced using the corresponding patch file in service packs The file to be installed being tampered in WinSxS catalogues, otherwise, keep file to be installed constant.
By the way that the file to be installed being tampered being buffered in WinSxS catalogues is replaced with into corresponding original text in service packs Part, the reparation of the file to be installed to being tampered is realized, so as to prevent that it is caused that the file being tampered after installation patch from coming into force Blank screen even blue screen the problems such as.
It should be noted that in actual applications, it can both use and a text to be installed has often been verified according to step S206 Part just carries out the mode handled accordingly in step S208 according to judged result to it, can also use to all texts to be installed Part is completed after verifying, and the mode handled accordingly each file to be installed further according to judged result, this is not restricted.
S210, after the completion of to all file process to be installed, by calling CBS interfaces to be adjusted to have pacified by buffer status Dress state, so as to complete the reparation to native operating sys-tern leak.
After the completion of to all file process to be installed, CBS interfaces are called to be adjusted to the buffer status of file to be installed Installment state, file is set to come into force, so as to complete the reparation to native operating sys-tern leak.CBS interfaces are grasped for Microsoft Windows Make a kind of assembly management interface of system, it can complete the functions such as addition/deletion renewal, adjustment, be Windows Update The instrument relied primarily on.
In the specific embodiment of the invention, pass through the text to be installed for first obtaining the patch file catalogue in service packs Part is cached into local WinSxS catalogues, and the file to be installed of caching is verified using the hash values recorded in service packs, Judge whether file to be installed is tampered, and the text to be installed for being judged as being tampered is replaced using the corresponding document in service packs Part, is waited after having verified all files to be installed, then buffer status is adjusted into installment state, patch file is come into force to complete The scheme of system vulnerability reparation, realize in patch installation process to the reparation for the local file being tampered, ensure local mend Fourth file is consistent with releasing document needed for service packs, so as to avoid installation patch after due to file it is inconsistent caused by blank screen Or the problems such as blue screen.
It should be noted that in practical application, above-mentioned all optional embodiments can be any group by the way of combining Close, form the alternative embodiment of the present invention, this is no longer going to repeat them.
Based on same inventive concept, the embodiment of the present invention additionally provides a kind of leak prosthetic device, for supporting above-mentioned One embodiment of anticipating or its provided leak restorative procedure is provided.Fig. 3 shows that leak according to an embodiment of the invention is repaiied The structural representation of apparatus for coating.Referring to Fig. 3, the leak prosthetic device can at least include:Acquisition module 310, cache module 320th, correction verification module 330, processing module 340 and state adjusting module 350.
Now introduce each composition or device of the leak prosthetic device of the embodiment of the present invention function and each several part between company Connect relation:
Acquisition module 310, suitable for obtaining the service packs repaired to local leak, wherein, service packs includes patch File directory and patch file identity information;
Cache module 320, corresponding file to be installed is obtained suitable for the patch file catalogue in service packs, and will treated Installation file is cached to the assigned catalogue of local;
Correction verification module 330, suitable for utilizing patch file identity information, the file to be installed cached to assigned catalogue is carried out Verification, judges whether file to be installed is tampered, obtains judged result;
Processing module 340, suitable for being located accordingly to the file to be installed cached to assigned catalogue according to judged result Reason;And
State adjusting module 350, suitable for after the completion of to all file process to be installed, buffer status being adjusted to have pacified Dress state, so as to complete the reparation to local leak.
In a preferred embodiment, cache module 320 is further adapted for:
Patch file catalogue releasing document in service packs obtains file to be installed, also, during release, If local have corresponding file, this document is obtained from local.
In a preferred embodiment, local leak include it is following in it is one of any:
The leak of native operating sys-tern, locally applied leak.
In a preferred embodiment, when local leak is the leak of native operating sys-tern, assigned catalogue is WinSxS catalogues.
In a preferred embodiment, patch file identity information includes:The title of patch file, patch file are only The algorithm of the unique identity of one identity and generation patch file;Also,
Correction verification module 330 is further adapted for:
The algorithm of the unique identity of generation patch file is obtained from service packs;
The unique identity of file to be installed is calculated using the algorithm;
According to the title of patch file, by the unique identity for the file to be installed being calculated and corresponding patch text The unique identity of part contrasts one by one;
If the unique identity of file to be installed and the unique identity of corresponding patch file are inconsistent, judge File to be installed is tampered;
If the unique identity of file to be installed is consistent with the unique identity of corresponding patch file, judge File to be installed is not tampered with.
In a preferred embodiment, the unique identity is cryptographic Hash;Also, the algorithm includes following algorithm It is one of any:SHA1、MD2、MD4、MD5.
In a preferred embodiment, processing module 340 is further adapted for:
It is tampered if judged result is file to be installed, assigned catalogue is replaced using the corresponding patch file in service packs In the file to be installed that is tampered;
It is not tampered with if judged result is file to be installed, keeps file to be installed constant.
In a preferred embodiment, state adjusting module 350 is further adapted for:
After the completion of to all file process to be installed, by calling assignment component management interface to be adjusted to buffer status Installment state.
In a preferred embodiment, the assignment component management interface is CBS interfaces.
According to the combination of any one above-mentioned alternative embodiment or multiple alternative embodiments, the embodiment of the present invention can reach Following beneficial effect:
In embodiments of the present invention, by first delaying the file to be installed that the patch file catalogue in service packs obtains Deposit into the assigned catalogue of local, school is carried out to the file to be installed of caching using the patch file identity information in service packs Test, judge whether file to be installed is tampered, obtain judged result;And then caching to assigned catalogue is treated according to judged result Installation file is handled accordingly, and after the completion of to all file process to be installed is adjusted to buffer status to have installed shape State, so as to complete the reparation to local leak.Because the embodiment of the present invention first caches file to be installed, text to be installed is then verified Part, buffer status is finally adjusted to installment state again, ensure that for needed for the file and service packs of local leak reparation Releasing document it is consistent, so as to avoid after installation patch due to file it is inconsistent caused by blank screen or the problems such as blue screen.
Further, in embodiments of the present invention, if file to be installed and the corresponding document in service packs are inconsistent, judge File to be installed is tampered, and the file to be installed being tampered is replaced using the corresponding document in service packs, all having verified After file to be installed, then buffer status is adjusted to installment state, patch file is come into force to complete leak reparation.Due to this The file to be installed being tampered being buffered in assigned catalogue is replaced with corresponding original in service packs by inventive embodiments, real Show in patch installation process to the reparation for the local file being tampered, ensured to discharge needed for local patch file and service packs File it is consistent, so as to avoid after installation patch due to file it is inconsistent caused by blank screen or the problems such as blue screen.In addition, this hair The leak restorative procedure and device that bright embodiment provides are especially suitable for NSA " eternal indigo plant " leak patch more new tools and leakage Repair engine in hole.
In the specification that this place provides, numerous specific details are set forth.It is to be appreciated, however, that the implementation of the present invention Example can be put into practice in the case of these no details.In some instances, known method, structure is not been shown in detail And technology, so as not to obscure the understanding of this description.
Similarly, it will be appreciated that in order to simplify the disclosure and help to understand one or more of each inventive aspect, Above in the description to the exemplary embodiment of the present invention, each feature of the invention is grouped together into single implementation sometimes In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor The application claims of shield features more more than the feature being expressly recited in each claim.It is more precisely, such as following Claims reflect as, inventive aspect is all features less than single embodiment disclosed above.Therefore, Thus the claims for following embodiment are expressly incorporated in the embodiment, wherein each claim is in itself Separate embodiments all as the present invention.
Those skilled in the art, which are appreciated that, to be carried out adaptively to the module in the equipment in embodiment Change and they are arranged in one or more equipment different from the embodiment.Can be the module or list in embodiment Member or component be combined into a module or unit or component, and can be divided into addition multiple submodule or subelement or Sub-component.In addition at least some in such feature and/or process or unit exclude each other, it can use any Combination is disclosed to all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so to appoint Where all processes or unit of method or equipment are combined.Unless expressly stated otherwise, this specification (including adjoint power Profit requires, summary and accompanying drawing) disclosed in each feature can be by providing the alternative features of identical, equivalent or similar purpose come generation Replace.
In addition, it will be appreciated by those of skill in the art that although some embodiments described herein include other embodiments In included some features rather than further feature, but the combination of the feature of different embodiments means in of the invention Within the scope of and form different embodiments.For example, in detail in the claims, embodiment claimed it is one of any Mode it can use in any combination.
The all parts embodiment of the present invention can be realized with hardware, or to be run on one or more processor Software module realize, or realized with combinations thereof.It will be understood by those of skill in the art that it can use in practice Microprocessor or digital signal processor (DSP) come realize in leak prosthetic device according to embodiments of the present invention some or The some or all functions of person's whole part.The present invention is also implemented as perform method as described herein one Divide either whole equipment or program of device (for example, computer program and computer program product).It is such to realize this hair Bright program can store on a computer-readable medium, or can have the form of one or more signal.It is such Signal can be downloaded from internet website and obtained, and either provided on carrier signal or provided in the form of any other.
It should be noted that the present invention will be described rather than limits the invention for above-described embodiment, and ability Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims, Any reference symbol between bracket should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not Element or step listed in the claims.Word "a" or "an" before element does not exclude the presence of multiple such Element.The present invention can be by means of including the hardware of some different elements and being come by means of properly programmed computer real It is existing.In if the unit claim of equipment for drying is listed, several in these devices can be by same hardware branch To embody.The use of word first, second, and third does not indicate that any order.These words can be explained and run after fame Claim.
So far, although those skilled in the art will appreciate that detailed herein have shown and described multiple showing for the present invention Example property embodiment, still, still can be direct according to present disclosure without departing from the spirit and scope of the present invention It is determined that or derive many other variations or modifications for meeting the principle of the invention.Therefore, the scope of the present invention is understood that and recognized It is set to and covers other all these variations or modifications.
The invention also discloses a kind of leak restorative procedures of A1., including:
The service packs repaired to local leak is obtained, wherein, the service packs includes patch file catalogue and benefit Fourth file identity information;
Patch file catalogue in the service packs obtains corresponding file to be installed, and by the file to be installed Cache to the assigned catalogue of local;
Using the patch file identity information, school is carried out to the file to be installed cached to the assigned catalogue Test, judge whether the file to be installed is tampered, obtain judged result;
The file to be installed cached to the assigned catalogue is handled accordingly according to the judged result, and Buffer status is adjusted to installment state after the completion of to all file process to be installed, so as to complete to the local The reparation of leak.
A2. the method according to A1, wherein, the patch file catalogue in the service packs obtains to be waited to pacify accordingly File is filled, including:
Patch file catalogue releasing document in the service packs obtains file to be installed, also, in the mistake of release Cheng Zhong, if local have corresponding file, this document is obtained from local.
A3. the method according to A1 or A2, wherein, the local leak include it is following in it is one of any:
The leak of native operating sys-tern, locally applied leak.
A4. the method according to A3, wherein, when the local leak is the leak of native operating sys-tern, the finger It is WinSxS catalogues to determine catalogue.
A5. the method according to A1 to any one of A4, wherein,
The patch file identity information includes:The title of patch file, the unique identity of patch file and life Into the algorithm of the unique identity of the patch file;
Using the patch file identity information, school is carried out to the file to be installed cached to the assigned catalogue Test, judge whether the file to be installed is tampered, including:
The algorithm for the unique identity for generating the patch file is obtained from the service packs;
The unique identity of the file to be installed is calculated using the algorithm;
According to the title of the patch file, by the unique identity of the file to be installed and the corresponding patch The unique identity of file contrasts one by one;
If the unique identity of the file to be installed differs with the unique identity of the corresponding patch file Cause, then judge that the file to be installed is tampered;
If the unique identity phase one of the unique identity of the file to be installed and the corresponding patch file Cause, then judge that the file to be installed is not tampered with.
A6. the method according to A5, wherein,
The unique identity is cryptographic Hash;
The algorithm includes the one of any of following algorithm:SHA1、MD2、MD4、MD5.
A7. the method according to any one of A1 to A6, wherein, caching is specified to described according to the judged result The file to be installed of catalogue is handled accordingly, including:
It is tampered if the judged result is the file to be installed, utilizes the corresponding patch file in the service packs Replace the file to be installed being tampered in the assigned catalogue;
It is not tampered with if the judged result is the file to be installed, keeps the file to be installed constant.
A8. the method according to any one of A1 to A7, wherein, completed to all file process to be installed Afterwards, by calling assignment component management interface that the buffer status is adjusted into installment state.
A9. the method according to A8, wherein, the assignment component management interface is the service interface based on component.
The invention also discloses a kind of leak prosthetic devices of B10., including:
Acquisition module, suitable for obtaining the service packs repaired to local leak, wherein, the service packs includes patch File directory and patch file identity information;
Cache module, corresponding file to be installed is obtained suitable for the patch file catalogue in the service packs, and will The file cache to be installed to local assigned catalogue;
Correction verification module, suitable for utilizing the patch file identity information, to caching to waiting to pacify described in the assigned catalogue Dress file is verified, and is judged whether the file to be installed is tampered, is obtained judged result;
Processing module, suitable for being carried out according to the judged result to the file to be installed cached to the assigned catalogue Corresponding processing;And
State adjusting module, suitable for after the completion of to all file process to be installed, buffer status is adjusted to Installment state, so as to complete the reparation to the local leak.
B11. the device according to B10, wherein, the cache module is further adapted for:
Patch file catalogue releasing document in the service packs obtains file to be installed, also, in the mistake of release Cheng Zhong, if local have corresponding file, this document is obtained from local.
B12. the device according to B10 or B11, wherein, the local leak include it is following in it is one of any:
The leak of native operating sys-tern, locally applied leak.
B13. the device according to B12, wherein, it is described when the local leak is the leak of native operating sys-tern Assigned catalogue is WinSxS catalogues.
B14. the device according to B10 to any one of B13, wherein,
The patch file identity information includes:The title of patch file, the unique identity of patch file and life Into the algorithm of the unique identity of the patch file;
The correction verification module is further adapted for:
The algorithm for the unique identity for generating the patch file is obtained from the service packs;
The unique identity of the file to be installed is calculated using the algorithm;
According to the title of the patch file, by the unique identity of the file to be installed and the corresponding patch The unique identity of file contrasts one by one;
If the unique identity of the file to be installed differs with the unique identity of the corresponding patch file Cause, then judge that the file to be installed is tampered;
If the unique identity phase one of the unique identity of the file to be installed and the corresponding patch file Cause, then judge that the file to be installed is not tampered with.
B15. the device according to B14, wherein,
The unique identity is cryptographic Hash;
The algorithm includes the one of any of following algorithm:SHA1、MD2、MD4、MD5.
B16. the device according to B10 to any one of B15, wherein, the processing module is further adapted for:
It is tampered if the judged result is the file to be installed, utilizes the corresponding patch file in the service packs Replace the file to be installed being tampered in the assigned catalogue;
It is not tampered with if the judged result is the file to be installed, keeps the file to be installed constant.
B17. the device according to B10 to any one of B16, wherein, the state adjusting module is further adapted for:
After the completion of to all file process to be installed, by calling assignment component management interface by the caching shape State is adjusted to installment state.
B18. the device according to B17, wherein, the assignment component management interface is the service interface based on component.

Claims (10)

1. a kind of leak restorative procedure, including:
The service packs repaired to local leak is obtained, wherein, the service packs includes patch file catalogue and patch text Part identity information;
Patch file catalogue in the service packs obtains corresponding file to be installed, and by the file cache to be installed To the assigned catalogue of local;
Using the patch file identity information, the file to be installed cached to the assigned catalogue is verified, sentenced Whether the file to be installed that breaks is tampered, and obtains judged result;
The file to be installed cached to the assigned catalogue is handled accordingly according to the judged result, and right Buffer status is adjusted to installment state after the completion of all file process to be installed, so as to complete to the local leak Reparation.
2. according to the method for claim 1, wherein, the patch file catalogue in the service packs obtains to be treated accordingly Installation file, including:
Patch file catalogue releasing document in the service packs obtains file to be installed, also, during release, If local have corresponding file, this document is obtained from local.
3. method according to claim 1 or 2, wherein, the local leak include it is following in it is one of any:
The leak of native operating sys-tern, locally applied leak.
4. the method according to claim 11, wherein, it is described when the local leak is the leak of native operating sys-tern Assigned catalogue is WinSxS catalogues.
5. according to the method described in claim any one of 1-4, wherein,
The patch file identity information includes:The title of patch file, the unique identity of patch file and generation institute State the algorithm of the unique identity of patch file;
Using the patch file identity information, the file to be installed cached to the assigned catalogue is verified, sentenced Whether the file to be installed that breaks is tampered, including:
The algorithm for the unique identity for generating the patch file is obtained from the service packs;
The unique identity of the file to be installed is calculated using the algorithm;
According to the title of the patch file, by the unique identity of the file to be installed and the corresponding patch file Unique identity contrast one by one;
If the unique identity of the file to be installed and the unique identity of the corresponding patch file are inconsistent, Judge that the file to be installed is tampered;
If the unique identity of the file to be installed is consistent with the unique identity of the corresponding patch file, Judge that the file to be installed is not tampered with.
6. the method according to claim 11, wherein,
The unique identity is cryptographic Hash;
The algorithm includes the one of any of following algorithm:SHA1、MD2、MD4、MD5.
7. according to the method any one of claim 1-6, wherein, caching is specified to described according to the judged result The file to be installed of catalogue is handled accordingly, including:
It is tampered if the judged result is the file to be installed, is replaced using the corresponding patch file in the service packs The file to be installed being tampered in the assigned catalogue;
It is not tampered with if the judged result is the file to be installed, keeps the file to be installed constant.
8. according to the method any one of claim 1-7, wherein, completed to all file process to be installed Afterwards, by calling assignment component management interface that the buffer status is adjusted into installment state.
9. according to the method for claim 8, wherein, the assignment component management interface is the service interface based on component.
10. a kind of leak prosthetic device, including:
Acquisition module, suitable for obtaining the service packs repaired to local leak, wherein, the service packs includes patch file Catalogue and patch file identity information;
Cache module, corresponding file to be installed is obtained suitable for the patch file catalogue in the service packs, and by described in File cache to be installed to local assigned catalogue;
Correction verification module, suitable for utilizing the patch file identity information, to caching to the text to be installed of the assigned catalogue Part is verified, and judges whether the file to be installed is tampered, and obtains judged result;
Processing module is corresponding suitable for being carried out according to the judged result to the file to be installed cached to the assigned catalogue Processing;And
State adjusting module, suitable for after the completion of to all file process to be installed, buffer status being adjusted to have installed State, so as to complete the reparation to the local leak.
CN201710726288.4A 2017-08-22 2017-08-22 Vulnerability repairing method and device Active CN107577948B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710726288.4A CN107577948B (en) 2017-08-22 2017-08-22 Vulnerability repairing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710726288.4A CN107577948B (en) 2017-08-22 2017-08-22 Vulnerability repairing method and device

Publications (2)

Publication Number Publication Date
CN107577948A true CN107577948A (en) 2018-01-12
CN107577948B CN107577948B (en) 2021-03-19

Family

ID=61035155

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710726288.4A Active CN107577948B (en) 2017-08-22 2017-08-22 Vulnerability repairing method and device

Country Status (1)

Country Link
CN (1) CN107577948B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020185772A1 (en) * 2019-03-11 2020-09-17 Itron, Inc. System subset version and authentication for remotely connected devices

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103729597A (en) * 2014-01-16 2014-04-16 宇龙计算机通信科技(深圳)有限公司 System starting verifying method and device and terminal
US20140217166A1 (en) * 2007-08-09 2014-08-07 Hand Held Products, Inc. Methods and apparatus to change a feature set on data collection devices
CN105975864A (en) * 2016-04-29 2016-09-28 北京小米移动软件有限公司 Operation system starting method and device, and terminal
CN106547648A (en) * 2016-10-21 2017-03-29 杭州嘉楠耘智信息科技有限公司 Backup data processing method and device
CN106843933A (en) * 2016-12-27 2017-06-13 北京五八信息技术有限公司 A kind of leak restorative procedure of application program, mobile terminal and patch server
CN106919843A (en) * 2017-01-24 2017-07-04 北京奇虎科技有限公司 Leak repair system, method and apparatus
CN106953874A (en) * 2017-04-21 2017-07-14 深圳市科力锐科技有限公司 Website falsification-proof method and device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140217166A1 (en) * 2007-08-09 2014-08-07 Hand Held Products, Inc. Methods and apparatus to change a feature set on data collection devices
CN103729597A (en) * 2014-01-16 2014-04-16 宇龙计算机通信科技(深圳)有限公司 System starting verifying method and device and terminal
CN105975864A (en) * 2016-04-29 2016-09-28 北京小米移动软件有限公司 Operation system starting method and device, and terminal
CN106547648A (en) * 2016-10-21 2017-03-29 杭州嘉楠耘智信息科技有限公司 Backup data processing method and device
CN106843933A (en) * 2016-12-27 2017-06-13 北京五八信息技术有限公司 A kind of leak restorative procedure of application program, mobile terminal and patch server
CN106919843A (en) * 2017-01-24 2017-07-04 北京奇虎科技有限公司 Leak repair system, method and apparatus
CN106953874A (en) * 2017-04-21 2017-07-14 深圳市科力锐科技有限公司 Website falsification-proof method and device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
JINGHUI LI ET AL: "A statistical approach for software resource leak detection and prediction", 《2013 IEEE INTERNATIONAL SYMPOSIUM ON SOFTWARE RELIABILITY ENGINEERING WORKSHOPS (ISSREW)》 *
邹雅毅 等: "开源软件漏洞补丁的采集与整理", 《河北省科学院学报》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020185772A1 (en) * 2019-03-11 2020-09-17 Itron, Inc. System subset version and authentication for remotely connected devices
US11074347B2 (en) 2019-03-11 2021-07-27 Itron, Inc. System subset version and authentication for remotely connected devices

Also Published As

Publication number Publication date
CN107577948B (en) 2021-03-19

Similar Documents

Publication Publication Date Title
CN110110522B (en) Kernel repairing method and device
Taylor et al. To update or not to update: Insights from a two-year study of android app evolution
CN104573525B (en) A kind of specific information service software leak repair system based on white list
CA2816814C (en) Repairing corrupt software
US8838964B2 (en) Package audit tool
US20170315837A1 (en) Automated compliance exception approval
CN103368987B (en) Cloud server, application program verification, certification and management system and application program verification, certification and management method
US20150106939A1 (en) Method and system for dynamic and comprehensive vulnerability management
US20160292425A1 (en) System and method for automated remedying of security vulnerabilities
US20140337982A1 (en) Risk Prioritization and Management
CN106055341A (en) Application installation package checking method and device
US20080256631A1 (en) Renewable integrity rooted system
Sellwood et al. Sleeping android: The danger of dormant permissions
US20220244932A1 (en) Multi-signature validation of deployment artifacts
CN103677898A (en) Method for checking loaded extension and/or plug-in on server side and server
CN105528543A (en) Remote antivirus method, client, console and system
CN110869931A (en) Electronic system vulnerability assessment
CN109074295A (en) Data with authenticity are restored
US10395200B2 (en) Method and apparatus for repairing policies
CN118051918A (en) Security vulnerability restoration management method and device
CN107958150A (en) A kind of method for detecting Android hot patch security
CN102982279B (en) Computer-aided design viral infection prevents system and method
CN107577948A (en) A kind of leak restorative procedure and device
CN106650423A (en) Object sample file detecting method and device
US10489137B1 (en) Software verification system and methods

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information
CB03 Change of inventor or designer information

Inventor after: Xu Pengjie

Inventor after: Chen Xiong

Inventor after: Zhao Jianfeng

Inventor before: Xu Pengjie

Inventor before: Chen Xiong

Inventor before: Zhao Jianfeng

GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20220909

Address after: No. 9-3-401, No. 39, Gaoxin 6th Road, Binhai Science and Technology Park, High-tech Zone, Binhai New District, Tianjin 300000

Patentee after: 3600 Technology Group Co.,Ltd.

Address before: 100088 room 112, block D, 28 new street, new street, Xicheng District, Beijing (Desheng Park)

Patentee before: BEIJING QIHOO TECHNOLOGY Co.,Ltd.