WO2010105516A1 - Method and device for patching of vulnerability - Google Patents

Method and device for patching of vulnerability Download PDF

Info

Publication number
WO2010105516A1
WO2010105516A1 PCT/CN2010/070497 CN2010070497W WO2010105516A1 WO 2010105516 A1 WO2010105516 A1 WO 2010105516A1 CN 2010070497 W CN2010070497 W CN 2010070497W WO 2010105516 A1 WO2010105516 A1 WO 2010105516A1
Authority
WO
WIPO (PCT)
Prior art keywords
vulnerability
computer
module
level
repair
Prior art date
Application number
PCT/CN2010/070497
Other languages
French (fr)
Chinese (zh)
Inventor
陈起儒
Original Assignee
腾讯科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 腾讯科技(深圳)有限公司 filed Critical 腾讯科技(深圳)有限公司
Publication of WO2010105516A1 publication Critical patent/WO2010105516A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security

Definitions

  • the present invention relates to the field of computer security, and in particular, to a method and apparatus for repairing a vulnerability. Background of the invention
  • the embodiment of the present invention provides a method and device for repairing the vulnerability.
  • the technical solution is as follows: On the one hand, a method for repairing a vulnerability is provided, and the method includes:
  • the device that fixes the vulnerability detects whether the computer has a vulnerability
  • Analyze the existing vulnerability obtain the level of the vulnerability, and repair the existing vulnerability according to the level of the vulnerability.
  • an embodiment of the present invention provides an apparatus for repairing a vulnerability, and the apparatus includes:
  • a detecting module configured to detect whether a computer has a vulnerability
  • An analysis module configured to analyze a vulnerability detected by the detection module, and obtain a level of the vulnerability
  • the repair module is configured to repair the existing vulnerability according to the level of the vulnerability analyzed by the analysis module.
  • Embodiment 1 is a flowchart of a method for repairing a vulnerability provided by Embodiment 1 of the present invention
  • FIG. 2 is a flowchart of a method for repairing a vulnerability according to Embodiment 2 of the present invention
  • FIG. 3 is a schematic structural diagram of an apparatus for repairing a vulnerability according to Embodiment 3 of the present invention
  • FIG. 4 is a schematic structural diagram of another apparatus for repairing a vulnerability provided by Embodiment 3 of the present invention
  • the method for repairing a vulnerability includes: detecting a vulnerability of the device to detect whether the computer has a vulnerability; analyzing the existing vulnerability, obtaining a level of the vulnerability, and correspondingly repairing the existing vulnerability according to the level of the vulnerability.
  • a method for repairing a vulnerability is as follows:
  • the device for repairing the vulnerability detects whether the computer has a vulnerability, and if so, executes 102, otherwise, executes 103;
  • the device that fixes the vulnerability detects the vulnerability of the computer, and automatically detects the existing vulnerability when detecting the vulnerability of the computer. It not only helps the user to automatically repair the vulnerability of the computer in the first time, but also minimizes the computer. User access network The risk of being attacked by hackers.
  • This embodiment provides a method for repairing a vulnerability, which can implement a real-time repair of a computer vulnerability in any software that automatically runs with a computer startup.
  • the vulnerability may be a vulnerability in the computer hardware or a computer software.
  • the vulnerability in this embodiment is exemplified by a device having a function of supporting detection and repairing a vulnerability, and a method for repairing a vulnerability provided in this embodiment is described in detail. Referring to Figure 2, the method is as follows:
  • the device After the device has the function of supporting detection and repairing vulnerabilities, the device automatically runs to support the detection and repair of vulnerabilities;
  • the support detection and repair vulnerability function is turned on by the user, and the device automatically runs the support detection and repair vulnerability function when the computer is started.
  • the system tray taskbar in the computer will set an icon for displaying the support detection and repair vulnerability has been started.
  • the device After the predetermined period of time is run, the device automatically accesses the server end in the network;
  • the device After the device supports the detection and repair of the vulnerability function for a period of time, it then accesses the server in the network to ensure that the network is connected.
  • the server side in the network stores the latest vulnerability profile, and according to the vulnerability profile, the device can detect whether the computer has a vulnerability in the computer.
  • the server will update the discovered vulnerability profile at any time.
  • the vulnerability profile in the computer should be updated at any time to ensure timely detection of vulnerabilities in the computer.
  • the trigger After the vulnerability profile update is completed, the trigger immediately detects whether the computer has a vulnerability in the background, and if so, executes 205, otherwise, executes 206;
  • the device In order to detect the loopholes in the computer in time, you need to set a period for updating the vulnerability profile. For example: After the detection and repair of the vulnerability function is run, the device automatically accesses the server every 10 minutes to update the vulnerability profile. This implementation The case does not specifically limit the cycle of updating the vulnerability profile.
  • the new vulnerability profile After detecting the new vulnerability profile, it is triggered to detect whether the computer has a vulnerability; if there is no new vulnerability profile, the computer may not be detected whether there is a hole; thereby saving resources occupied by each detection.
  • vulnerabilities can seriously threaten the security of computers. Some vulnerabilities do not pose a threat to the security of computers. According to the characteristics of vulnerabilities and the threat to the security of computers, vulnerabilities are classified into different levels:
  • High-risk level It may cause damage to the computer, which means that the computer's administrative rights are owned by the hacker, for example: Causes the popular Trojan to invade the computer system.
  • Normal level It will not cause the computer to be damaged, that is, it will not cause the computer's management rights to be owned by the hacker. For example: Generally, it will not cause the popular Trojan to invade the computer system.
  • the server on the network will issue a patch to fix the vulnerability, or release a new version of the system after the improvement. Therefore, by downloading the latest version of the patch or the new version of the system to the server on the network, The vulnerability is fixed, and the entire repair process does not require manual intervention, which improves the user experience.
  • the specific repair method based on the level of the vulnerability is:
  • the user is prompted to "ignore the discovered vulnerability.” For example: There may be some vulnerabilities in the version of the operating system of the computer, which may cause some defects in the current version of the operating system, but the defect will not pose a threat to the security of the computer, even if the server has released a new version of the system after the improvement defect, Choose to ignore the current vulnerability of the computer operating system, or you can choose to download the new version of the system.
  • the version of the computer operating system can be upgraded to the new version to prevent system vulnerabilities from being exploited by criminals, but with the computer operating system updated to the new version. The computer operating system will be reinstalled and the previous patches will be cleared.
  • the level of the vulnerability, the scope of the selected repair, and the prompt performance may be differently defined according to the strategy for repairing the vulnerability product.
  • the repair result can be prompted in the system tray area task bar of the computer, for example, "7 vulnerabilities have been successfully repaired.” If the repairing vulnerability fails due to problems such as network connection, you can prompt the user to fix the failure information, and support the user to view the details. Love.
  • the software automatically running after being started by the computer is used to periodically detect the vulnerability of the computer by periodically updating the vulnerability feature file after running for a period of time, and timely repairing the existing vulnerability. This helps users automatically fix vulnerabilities in the computer at the first time, minimizing the risk of hacking when the user accesses the network, and the entire repair process does not require manual participation, which improves the user experience.
  • the present invention also provides an apparatus for repairing a vulnerability, including:
  • a detection module that detects whether a computer has a vulnerability.
  • An analysis module is configured to analyze the vulnerability detected by the detection module to obtain a level of the vulnerability.
  • the repair module is configured to repair the existing vulnerability according to the level of the vulnerability analyzed by the analysis module.
  • the apparatus for repairing a vulnerability may include: a detecting module 301, configured to detect whether a computer has a vulnerability;
  • the analyzing module 302 is configured to analyze the existing vulnerability when the detecting module 301 detects that the computer has a vulnerability, and obtain a level of the vulnerability;
  • the repair module 303 is configured to repair the existing vulnerability according to the level of the vulnerability analyzed by the analysis module 302.
  • the stopping module 304 is configured to automatically stop the repairing of the vulnerability when the detecting module detects that the computer does not have a vulnerability.
  • the apparatus further includes:
  • the access update module 305 is configured to automatically access the server end after the device for repairing the vulnerability is started, and update the vulnerability feature file, and the trigger detection module 301 detects whether the computer has a vulnerability according to the updated vulnerability feature file.
  • the access update module automatically accesses the server at regular intervals and updates the vulnerability profile.
  • the trigger detection module 301 starts to detect whether the computer has a vulnerability; if there is no new vulnerability profile, the detection module 301 may not be triggered to detect whether the computer has a vulnerability; thereby avoiding occupation by each detection. Resources.
  • the foregoing analyzing module 302 is specifically configured to determine, according to the vulnerability feature, whether the vulnerability may cause the computer to be damaged; if possible, the vulnerability is regarded as a high-risk vulnerability; if not, the vulnerability is regarded as a common level vulnerability.
  • the above repair module 303 is specifically used for timely repairing a high-risk vulnerability or an unrepaired vulnerability; for a common level vulnerability or an unrecoverable vulnerability, the selection is ignored, and no repair is temporarily made.
  • the device further includes:
  • the first prompt module 306 is configured to prompt to repair the vulnerability when the vulnerability is successfully repaired.
  • the second prompt module 307 is configured to prompt the repair of the vulnerability when the vulnerability is failed, and support the user to view the details.
  • the device for repairing a vulnerability triggers detection of whether a vulnerability exists in the computer by updating the vulnerability feature file.
  • the vulnerability is automatically repaired according to the level of the vulnerability, and the entire repair process does not require manual participation, thereby improving the user.
  • Experience not only helps users automatically fix vulnerabilities in their computers in the first place, but also minimizes the risk of computers being hacked when users access the network.
  • Part of the steps in the embodiment of the present invention can be implemented by using software, and the corresponding software program It can be stored in a readable storage medium such as a compact disc or a hard disk.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The present invention discloses a method and a device for patching of vulnerability, which belong to the computer security field. The method includes: the vulnerability patching device detects whether vulnerability exists in a computer; the existent vulnerability is analyzed in order to obtain the level of the vulnerability, and the corresponding patching of the existent vulnerability is implemented according to the level of the vulnerability. The device includes: detecting module, analyzing module, and patching module. The present invention enables patching of vulnerability automatically when the vulnerability of the computer is detected, and manual operation is avoided through the whole patching process; so as to improve the user experience, help the user to patch the vulnerability of the computer instantly, and most adequately decrease the venture of the computer from being attacked by hacker while the user visits a network.

Description

一种修复漏洞的方法及装置  Method and device for repairing vulnerabilities
技术领域 本发明涉及计算机安全领域,特别涉及一种修复漏洞的方法及装置。 发明背景 TECHNICAL FIELD The present invention relates to the field of computer security, and in particular, to a method and apparatus for repairing a vulnerability. Background of the invention
随着网络的普及, 计算机的应用越来越广泛, 计算机系统的安全也 就逐渐成为了人们十分关注的问题。 由于应用软件或操作系统软件在逻 辑设计上存在缺陷, 或在编写程序时产生的错误, 使计算机系统存在系 统漏洞, 导致这个缺陷或错误可以被不法份子或计算机黑客利用, 通过 植入木马、 病毒等方式来攻击或控制整个计算机, 从而窃取计算机中的 重要资料和信息, 甚至破坏计算机系统。 因此, 修复漏洞, 成为了人们 在保护计算机时必做的一项工作。  With the popularity of the network, the application of computers has become more and more widespread, and the security of computer systems has gradually become a concern of people. Due to defects in the logic design of the application software or operating system software, or errors in the writing of the program, the system system has a system vulnerability, which may cause the defect or error to be exploited by the scam or computer hacker by implanting a Trojan, a virus. Other ways to attack or control the entire computer, thereby stealing important information and information from the computer, and even destroying the computer system. Therefore, fixing vulnerabilities has become a must-have for people to protect their computers.
现有的修复漏洞产品很多, 都能够提供修复漏洞的功能。 用户需要 定期启动修复漏洞的软件程序, 并在检测出系统漏洞时, 选择需要修复 的系统漏洞, 通过下载和安装与系统漏洞相对应的补丁程序, 实现系统 漏洞的修复。  There are many existing bug fix products that provide the ability to fix vulnerabilities. Users need to periodically start the software program to repair the vulnerability, and when detecting the system vulnerability, select the system vulnerability that needs to be repaired, and fix the system vulnerability by downloading and installing the patch corresponding to the system vulnerability.
在实现本发明的过程中, 发明人发现现有技术至少存在以下几个缺 点:  In the process of implementing the present invention, the inventors have found that the prior art has at least the following disadvantages:
用户需要定期启动软件程序对计算机系统进行系统漏洞检测, 才能 发现系统漏洞, 通过用户选择需要修复的系统漏洞, 才能对计算机系统 存在的系统漏洞进行修复, 因此, 修复漏洞需要人工参与; 对大多数初 级用户而言, 修复漏洞的操作过程较为繁瑣复杂, 初级用户难以选择哪 些系统漏洞需要立即修复, 哪些系统漏洞可以忽略暂不修复, 有时会因 为用户没有及时对系统漏洞进行修复, 而导致计算机在用户访问网络时 受到黑客攻击。 发明内容 Users need to periodically start software programs to detect system vulnerabilities in computer systems, in order to discover system vulnerabilities, and to select system vulnerabilities that need to be repaired, in order to repair system vulnerabilities in computer systems. Therefore, remediation of vulnerabilities requires manual participation; For beginners, the process of fixing vulnerabilities is cumbersome and complicated. It is difficult for beginners to choose which system vulnerabilities need to be repaired immediately. Which system vulnerabilities can be ignored and not repaired. Sometimes, because users do not fix system vulnerabilities in time, the computer is When users access the network Hacked. Summary of the invention
为了帮助用户在第一时间自动修复计算机存在的漏洞, 最大程度地 降低计算机在用户访问网络时受到黑客攻击的风险, 并增加用户体验, 本发明实施例提供了一种修复漏洞的方法及装置。 所述技术方案如下: 一方面, 提供了一种修复漏洞的方法, 所述方法包括:  In order to help the user automatically fix the vulnerabilities of the computer in the first time, the risk of hacking the user when the user accesses the network is minimized, and the user experience is increased, the embodiment of the present invention provides a method and device for repairing the vulnerability. The technical solution is as follows: On the one hand, a method for repairing a vulnerability is provided, and the method includes:
修复漏洞的装置检测计算机是否存在漏洞;  The device that fixes the vulnerability detects whether the computer has a vulnerability;
对存在的漏洞进行分析,得到漏洞的级别,并根据所述漏洞的级别, 对所述存在的漏洞做相应修复。  Analyze the existing vulnerability, obtain the level of the vulnerability, and repair the existing vulnerability according to the level of the vulnerability.
另一方面, 本发明实施例提供了一种修复漏洞的装置, 所述装置包 括:  In another aspect, an embodiment of the present invention provides an apparatus for repairing a vulnerability, and the apparatus includes:
检测模块, 用于检测计算机是否存在漏洞;  a detecting module, configured to detect whether a computer has a vulnerability;
分析模块, 用于对所述检测模块检测出的漏洞进行分析, 得到漏洞 的级别;  An analysis module, configured to analyze a vulnerability detected by the detection module, and obtain a level of the vulnerability;
修复模块, 用于根据所述分析模块分析出的漏洞的级别, 对所述存 在的漏洞做相应修复。  The repair module is configured to repair the existing vulnerability according to the level of the vulnerability analyzed by the analysis module.
本发明实施例提供的技术方案的有益效果是:  The beneficial effects of the technical solutions provided by the embodiments of the present invention are:
通过检测计算机是否存在漏洞, 并在检测到计算机存在漏洞时, 根 据漏洞的级别自动进行修复; 不仅能够帮助用户在第一时间自动修复计 算机漏洞, 而且最大程度地降低了计算机在用户访问网络时受到黑客攻 击的风险。 附图简要说明  By detecting if a computer has a vulnerability and automatically detecting a vulnerability in the computer, it automatically repairs it based on the level of the vulnerability; it not only helps users automatically fix computer vulnerabilities in the first place, but also minimizes the computer's access to the network when users access the network. The risk of hacking. BRIEF DESCRIPTION OF THE DRAWINGS
为了更清楚地说明本发明实施例中的技术方案, 下面将对实施例描 述中所需要使用的附图作筒单地介绍, 显而易见地, 下面描述中的附图 仅仅是本发明的一些实施例, 对于本领域普通技术人员来讲, 在不付出 创造性劳动的前提下, 还可以根据这些附图获得其他的附图。 In order to more clearly illustrate the technical solution in the embodiment of the present invention, the following describes the embodiment. The drawings used in the description are to be taken in a single manner. It is obvious that the drawings in the following description are only some embodiments of the present invention, and those skilled in the art, without any creative work, Other drawings can also be obtained from these figures.
图 1是本发明实施例 1提供的修复漏洞的方法流程图;  1 is a flowchart of a method for repairing a vulnerability provided by Embodiment 1 of the present invention;
图 2是本发明实施例 2提供的修复漏洞的方法流程图;  2 is a flowchart of a method for repairing a vulnerability according to Embodiment 2 of the present invention;
图 3是本发明实施例 3提供的修复漏洞的装置结构示意图; 图 4是本发明实施例 3提供的另一种修复漏洞的装置结构示意图; 图 5是本发明实施例 3提供的又一种修复漏洞的装置结构示意图。 实施本发明的方式  3 is a schematic structural diagram of an apparatus for repairing a vulnerability according to Embodiment 3 of the present invention; FIG. 4 is a schematic structural diagram of another apparatus for repairing a vulnerability provided by Embodiment 3 of the present invention; FIG. Schematic diagram of the structure of the device to fix the vulnerability. Mode for carrying out the invention
为使本发明的目的、 技术方案和优点更加清楚, 下面将结合附图对 本发明实施方式作进一步地详细描述。  The embodiments of the present invention will be further described in detail below with reference to the accompanying drawings.
实施例 1  Example 1
本发明提供的修复漏洞的方法包括: 修复漏洞的装置检测计算机是 否存在漏洞; 对存在的漏洞进行分析, 得到漏洞的级别, 并根据所述漏 洞的级别, 对所述存在的漏洞做相应修复。  The method for repairing a vulnerability provided by the present invention includes: detecting a vulnerability of the device to detect whether the computer has a vulnerability; analyzing the existing vulnerability, obtaining a level of the vulnerability, and correspondingly repairing the existing vulnerability according to the level of the vulnerability.
优选地, 参见图 1 , 本实施例提供的一种修复漏洞的方法流程如下: Preferably, referring to FIG. 1 , a method for repairing a vulnerability provided by this embodiment is as follows:
101 : 修复漏洞的装置检测计算机是否存在漏洞, 如果是, 则执行 102, 否则, 执行 103; 101: The device for repairing the vulnerability detects whether the computer has a vulnerability, and if so, executes 102, otherwise, executes 103;
102: 对存在的漏洞进行分析, 得到漏洞的级别, 并根据所述漏洞 的级别, 对所述存在的漏洞做相应修复;  102: Analyze the existing vulnerability, obtain the level of the vulnerability, and repair the existing vulnerability according to the level of the vulnerability;
103: 自动停止修复漏洞。  103: Automatically stop fixing the vulnerability.
通过修复漏洞的装置检测计算机是否存在漏洞, 并在检测出计算机 存在漏洞时, 自动对存在的漏洞进行修复, 不仅能够帮助用户在第一时 间自动修复计算机存在的漏洞, 最大程度地降低了计算机在用户访问网 络时受到黑客攻击的风险。 The device that fixes the vulnerability detects the vulnerability of the computer, and automatically detects the existing vulnerability when detecting the vulnerability of the computer. It not only helps the user to automatically repair the vulnerability of the computer in the first time, but also minimizes the computer. User access network The risk of being attacked by hackers.
实施例 2  Example 2
本实施例提供了一种修复漏洞的方法, 该方法可以在任何随计算机 启动而自动运行的软件中实现实时修复计算机存在的漏洞, 其中, 漏洞 可以为计算机硬件中的漏洞, 也可以为计算机软件中的漏洞, 本实施例 以具有支持检测和修复漏洞功能的装置为例, 对本实施例提供的修复漏 洞的方法#文详细说明。 参见图 2, 该方法内容如下:  This embodiment provides a method for repairing a vulnerability, which can implement a real-time repair of a computer vulnerability in any software that automatically runs with a computer startup. The vulnerability may be a vulnerability in the computer hardware or a computer software. The vulnerability in this embodiment is exemplified by a device having a function of supporting detection and repairing a vulnerability, and a method for repairing a vulnerability provided in this embodiment is described in detail. Referring to Figure 2, the method is as follows:
201 : 装置具有的支持检测和修复漏洞功能被用户开启后, 装置自 动运行支持检测和修复漏洞功能;  201: After the device has the function of supporting detection and repairing vulnerabilities, the device automatically runs to support the detection and repair of vulnerabilities;
作为一种优选方案, 为了实现修复漏洞的实时性, 支持检测和修复 漏洞功能被用户开启后, 装置将随计算机的启动而自动运行支持检测和 修复漏洞功能。  As a preferred solution, in order to realize the real-time nature of the repair vulnerability, the support detection and repair vulnerability function is turned on by the user, and the device automatically runs the support detection and repair vulnerability function when the computer is started.
实际应用中, 支持检测和修复漏洞功能运行后, 计算机中的系统托 盘区任务栏将设置一个图标, 用于显示支持检测和修复漏洞功能已经开 启。  In the actual application, after the detection and repair vulnerability function is enabled, the system tray taskbar in the computer will set an icon for displaying the support detection and repair vulnerability has been started.
202: 支持检测和修复漏洞功能运行预定时间段后, 装置自动访问 网络中的服务器端;  202: Supporting the detection and repair of the vulnerability function After the predetermined period of time is run, the device automatically accesses the server end in the network;
针对该步骤, 装置之所以在支持检测和修复漏洞功能运行一段时间 后, 再去访问网络中的服务器端, 是为了保证网络处于连接状态。  For this step, after the device supports the detection and repair of the vulnerability function for a period of time, it then accesses the server in the network to ensure that the network is connected.
具体地, 网络中的服务器端存储了最新的漏洞特征文件, 根据漏洞 特征文件, 装置能够在计算机内检测出计算机是否存在漏洞。  Specifically, the server side in the network stores the latest vulnerability profile, and according to the vulnerability profile, the device can detect whether the computer has a vulnerability in the computer.
203: 根据服务器端存储的漏洞特征文件, 更新计算机内已有的漏 洞特征文件;  203: Update a vulnerability feature file existing in the computer according to the vulnerability feature file stored on the server side;
其中, 当计算机中的软件或硬件在逻辑设计上的缺陷或在编写时产 生的错误被发现后, 针对缺陷或错误产生的漏洞也因此被发现, 所以, 服务器端会随时更新发现的漏洞特征文件, 相应地, 计算机内的漏洞特 征文件也要随时进行更新, 才能保证及时检测出计算机内的漏洞。 Among them, when the software or hardware in the computer is found in the logic design or the error generated during the writing, the vulnerability caused by the defect or the error is also discovered, therefore, The server will update the discovered vulnerability profile at any time. Correspondingly, the vulnerability profile in the computer should be updated at any time to ensure timely detection of vulnerabilities in the computer.
204: 漏洞特征文件更新完成后, 触发立即在后台检测计算机是否 存在漏洞, 如果是, 则执行 205 , 否则, 执行 206;  204: After the vulnerability profile update is completed, the trigger immediately detects whether the computer has a vulnerability in the background, and if so, executes 205, otherwise, executes 206;
为了及时检测出计算机内存在的漏洞, 需要设定一个更新漏洞特征 文件的周期, 例如: 支持检测和修复漏洞功能运行后, 每隔 10分钟, 装置自动访问服务器端, 更新漏洞特征文件, 本实施例不对更新漏洞特 征文件的周期做具体限定。  In order to detect the loopholes in the computer in time, you need to set a period for updating the vulnerability profile. For example: After the detection and repair of the vulnerability function is run, the device automatically accesses the server every 10 minutes to update the vulnerability profile. This implementation The case does not specifically limit the cycle of updating the vulnerability profile.
优选地, 在检测到新的漏洞特征文件之后, 再触发检测计算机是否 存在漏洞; 如果没有新的漏洞特征文件, 可以不检测计算机是否存在漏 洞; 从而能够节约因每次检测而占用的资源。  Preferably, after detecting the new vulnerability profile, it is triggered to detect whether the computer has a vulnerability; if there is no new vulnerability profile, the computer may not be detected whether there is a hole; thereby saving resources occupied by each detection.
205: 自动停止修复漏洞;  205: Automatically stop repairing the vulnerability;
206: 对存在的漏洞进行级别分析, 并根据级别分析的结果做相应 修复。  206: Perform a level analysis on the existing vulnerabilities and fix them according to the results of the level analysis.
具体地, 有些漏洞, 能够严重威胁计算机的安全, 而有的漏洞, 不 会对计算机的安全造成威胁, 根据漏洞特征及对计算机的安全造成威胁 的程度, 将漏洞分为不同的级别:  Specifically, some vulnerabilities can seriously threaten the security of computers. Some vulnerabilities do not pose a threat to the security of computers. According to the characteristics of vulnerabilities and the threat to the security of computers, vulnerabilities are classified into different levels:
高危级别: 可能会导致计算机受到破坏, 即导致计算机的管理权限 被黑客拥有, 例如: 导致流行木马入侵计算机系统。  High-risk level: It may cause damage to the computer, which means that the computer's administrative rights are owned by the hacker, for example: Causes the popular Trojan to invade the computer system.
普通级别: 不会导致计算机受到破坏, 即不会导致计算机的管理权 限被黑客拥有, 例如: 一般不会导致流行木马入侵计算机系统。  Normal level: It will not cause the computer to be damaged, that is, it will not cause the computer's management rights to be owned by the hacker. For example: Generally, it will not cause the popular Trojan to invade the computer system.
针对漏洞, 网络中的服务器端会发布修复漏洞的补丁程序, 或是发 布被改进之后的新版本系统, 因此, 通过到网络中的服务器端下载最新 版本的补丁程序或是新版本系统, 即可完成修复漏洞, 整个修复过程不 需要人工参与, 改善了用户体验。 根据漏洞的级别作出的具体修复处理方式为: For vulnerabilities, the server on the network will issue a patch to fix the vulnerability, or release a new version of the system after the improvement. Therefore, by downloading the latest version of the patch or the new version of the system to the server on the network, The vulnerability is fixed, and the entire repair process does not require manual intervention, which improves the user experience. The specific repair method based on the level of the vulnerability is:
一、 对于高危级别的漏洞, 或是从没有修复过的漏洞:  First, for high-risk vulnerabilities, or vulnerabilities that have never been fixed:
及时进行修复, 此时, 提示用户 "发现漏洞, 正在修复", 开始下 载并安装漏洞补丁程序。  In time for the repair, at this point, the user is prompted to "discover the vulnerability, is repairing", start downloading and installing the vulnerability patch.
例如: 计算机的操作系统提供某种服务时, 存在严重的漏洞, 使攻 击者可非法进行系统的访问、 对计算机进行攻击, 还可通过控制多台计 算机向其他计算机发起攻击, 因此, 该操作系统存在的漏洞需要及时修 复,针对这种漏洞,除了在使用计算机时禁止应用存在该漏洞的服务外, 最有效的措施就是及时地下载并安装相应的补丁程序。  For example: When a computer's operating system provides a service, there are serious vulnerabilities that allow an attacker to illegally access the system, attack the computer, and control multiple computers to attack other computers. Therefore, the operating system The existing vulnerability needs to be repaired in time. In addition to prohibiting the application of the service with the vulnerability when using the computer, the most effective measure is to download and install the corresponding patch in time.
二、 对于普通级别的漏洞, 或是已经修复成功的漏洞, 或是无法修 复的漏洞:  Second, for common level vulnerabilities, or vulnerabilities that have been fixed successfully, or vulnerabilities that cannot be fixed:
可以暂不作修复, 选择忽略, 此时, 提示用户 "忽略发现的漏洞"。 例如: 计算机的操作系统的版本可能存在一些漏洞, 导致操作系统 现在的版本有些缺陷, 但该缺陷不会对计算机的安全造成威胁, 即使服 务器端已经发布了改进缺陷之后的新版本系统, 仍然可以选择忽略计算 机操作系统当前的漏洞, 也可以选择下载新版本系统, 此时, 计算机操 作系统的版本可以升级至新版本, 以防止系统漏洞被不法分子利用, 但 随着计算机操作系统更新至新版本, 计算机操作系统会被重新安装, 以 前的补丁程序也将被全部清除。  You can leave it unfixed and choose Ignore. At this point, the user is prompted to "ignore the discovered vulnerability." For example: There may be some vulnerabilities in the version of the operating system of the computer, which may cause some defects in the current version of the operating system, but the defect will not pose a threat to the security of the computer, even if the server has released a new version of the system after the improvement defect, Choose to ignore the current vulnerability of the computer operating system, or you can choose to download the new version of the system. At this point, the version of the computer operating system can be upgraded to the new version to prevent system vulnerabilities from being exploited by criminals, but with the computer operating system updated to the new version. The computer operating system will be reinstalled and the previous patches will be cleared.
综上所述, 针对本实施例提供的修复漏洞的方法, 漏洞的级别、 选 择修复的范围和提示表现可以根据修复漏洞产品的策略进行不同的定 义。  In summary, for the method for repairing a vulnerability provided by the embodiment, the level of the vulnerability, the scope of the selected repair, and the prompt performance may be differently defined according to the strategy for repairing the vulnerability product.
进一步地, 漏洞修复成功后, 可以在计算机中的系统托盘区任务栏 提示修复结果, 例如 "成功修复了 7 个漏洞"。 如果由于网络连接等问 题导致修复漏洞失败, 则可以提示用户修复失败信息, 支持用户查看详 情。 Further, after the vulnerability is successfully repaired, the repair result can be prompted in the system tray area task bar of the computer, for example, "7 vulnerabilities have been successfully repaired." If the repairing vulnerability fails due to problems such as network connection, you can prompt the user to fix the failure information, and support the user to view the details. Love.
其中, 导致修复漏洞失败的原因很多, 例如: 由于无法连接网络, 而不能下载修复漏洞的补丁程序, 或是目前没有可以修复漏洞的补丁程 序, 等等。  Among them, there are many reasons for the failure to fix the vulnerability. For example: Because the network cannot be connected, the patch to fix the vulnerability cannot be downloaded, or there is no patch to fix the vulnerability, and so on.
综上所述, 本实施例通过随计算机启动而自动运行的软件在运行一 段时间后, 通过周期性地更新漏洞特征文件, 实现及时地检测计算机存 在的漏洞, 并对存在的漏洞进行及时修复, 从而帮助用户在第一时间自 动修复计算机存在的漏洞, 最大程度地降低了计算机在用户访问网络时 受到黑客攻击的风险, 而且整个修复过程不需要人工参与, 改善了用户 体验。  In summary, in the embodiment, the software automatically running after being started by the computer is used to periodically detect the vulnerability of the computer by periodically updating the vulnerability feature file after running for a period of time, and timely repairing the existing vulnerability. This helps users automatically fix vulnerabilities in the computer at the first time, minimizing the risk of hacking when the user accesses the network, and the entire repair process does not require manual participation, which improves the user experience.
实施例 3  Example 3
本发明还提供了一种修复漏洞的装置, 包括:  The present invention also provides an apparatus for repairing a vulnerability, including:
检测模块, 用于检测计算机是否存在漏洞。  A detection module that detects whether a computer has a vulnerability.
分析模块, 用于对所述检测模块检测出的漏洞进行分析, 得到漏洞 的级别。  An analysis module is configured to analyze the vulnerability detected by the detection module to obtain a level of the vulnerability.
修复模块, 用于根据所述分析模块分析出的漏洞的级别, 对所述存 在的漏洞做相应修复。  The repair module is configured to repair the existing vulnerability according to the level of the vulnerability analyzed by the analysis module.
优选地, 参见图 3 , 本实施例提供的一种修复漏洞的装置可以包括: 检测模块 301 , 用于检测计算机是否存在漏洞;  Preferably, referring to FIG. 3, the apparatus for repairing a vulnerability provided by the embodiment may include: a detecting module 301, configured to detect whether a computer has a vulnerability;
分析模块 302, 用于在检测模块 301检测出计算机存在漏洞时, 对 存在的漏洞进行分析, 得到漏洞的级别;  The analyzing module 302 is configured to analyze the existing vulnerability when the detecting module 301 detects that the computer has a vulnerability, and obtain a level of the vulnerability;
修复模块 303 , 用于根据分析模块 302分析出的漏洞的级别, 对存 在的漏洞做相应修复;  The repair module 303 is configured to repair the existing vulnerability according to the level of the vulnerability analyzed by the analysis module 302.
停止模块 304, 用于在检测模块检测出计算机不存在漏洞时, 自动 停止修复漏洞。 参见图 4, 该装置还包括: The stopping module 304 is configured to automatically stop the repairing of the vulnerability when the detecting module detects that the computer does not have a vulnerability. Referring to Figure 4, the apparatus further includes:
访问更新模块 305 , 用于在修复漏洞的装置启动后, 自动访问服务 器端, 并更新漏洞特征文件, 触发检测模块 301根据更新的漏洞特征文 件, 检测计算机是否存在漏洞。 为了实时检测计算机是否存在漏洞, 访 问更新模块每隔一定周期, 自动访问服务器端, 并更新漏洞特征文件。 在检测到新的漏洞特征文件之后, 再触发检测模块 301启动检测计算机 是否存在漏洞; 如果没有新的漏洞特征文件, 可以不触发检测模块 301 检测计算机是否存在漏洞; 从而避免因每次检测而占用资源。  The access update module 305 is configured to automatically access the server end after the device for repairing the vulnerability is started, and update the vulnerability feature file, and the trigger detection module 301 detects whether the computer has a vulnerability according to the updated vulnerability feature file. In order to detect whether there is a vulnerability in the computer in real time, the access update module automatically accesses the server at regular intervals and updates the vulnerability profile. After detecting the new vulnerability profile, the trigger detection module 301 starts to detect whether the computer has a vulnerability; if there is no new vulnerability profile, the detection module 301 may not be triggered to detect whether the computer has a vulnerability; thereby avoiding occupation by each detection. Resources.
具体地, 上述分析模块 302, 具体用于根据漏洞特征, 判断漏洞能 否导致计算机受到破坏; 如果能, 则将漏洞视为高危级别的漏洞; 如果 否, 则将漏洞视为普通级别的漏洞。  Specifically, the foregoing analyzing module 302 is specifically configured to determine, according to the vulnerability feature, whether the vulnerability may cause the computer to be damaged; if possible, the vulnerability is regarded as a high-risk vulnerability; if not, the vulnerability is regarded as a common level vulnerability.
上述修复模块 303 , 具体用于对高危级别的漏洞, 或是从未修复过 的漏洞, 进行及时修复; 对普通级别的漏洞, 或是无法修复的漏洞, 选 择忽略, 暂时不做修复。  The above repair module 303 is specifically used for timely repairing a high-risk vulnerability or an unrepaired vulnerability; for a common level vulnerability or an unrecoverable vulnerability, the selection is ignored, and no repair is temporarily made.
进一步地, 参见图 5 , 该装置还包括:  Further, referring to FIG. 5, the device further includes:
第一提示模块 306, 用于在修复漏洞成功时, 提示修复漏洞的结果; 第二提示模块 307, 用于在果修复漏洞失败时, 提示修复漏洞失败, 并支持用户查看详情。  The first prompt module 306 is configured to prompt to repair the vulnerability when the vulnerability is successfully repaired. The second prompt module 307 is configured to prompt the repair of the vulnerability when the vulnerability is failed, and support the user to view the details.
本实施例提供的修复漏洞的装置, 通过更新漏洞特征文件, 触发检 测计算机是否存在漏洞, 在检测到计算机存在漏洞时, 根据漏洞的级别 自动进行修复, 整个修复过程不需要人工参与, 改善了用户体验; 不仅 能够帮助用户在第一时间自动修复计算机存在的漏洞, 而且最大程度地 降低了计算机在用户访问网络时受到黑客攻击的风险。  The device for repairing a vulnerability provided in this embodiment triggers detection of whether a vulnerability exists in the computer by updating the vulnerability feature file. When a vulnerability is detected in the computer, the vulnerability is automatically repaired according to the level of the vulnerability, and the entire repair process does not require manual participation, thereby improving the user. Experience; not only helps users automatically fix vulnerabilities in their computers in the first place, but also minimizes the risk of computers being hacked when users access the network.
上述本发明实施例序号仅仅为了描述, 不代表实施例的优劣。  The serial numbers of the embodiments of the present invention are merely for the description, and do not represent the advantages and disadvantages of the embodiments.
本发明实施例中的部分步骤, 可以利用软件实现, 相应的软件程序 可以存储在可读取的存储介质中, 如光盘或硬盘等。 Part of the steps in the embodiment of the present invention can be implemented by using software, and the corresponding software program It can be stored in a readable storage medium such as a compact disc or a hard disk.
以上所述仅为本发明的较佳实施例, 并不用以限制本发明, 凡在本 发明的精神和原则之内, 所作的任何修改、 等同替换、 改进等, 均应包 含在本发明的保护范围之内。  The above is only the preferred embodiment of the present invention, and is not intended to limit the present invention. Any modifications, equivalent substitutions, improvements, etc., which are within the spirit and scope of the present invention, should be included in the protection of the present invention. Within the scope.

Claims

权利要求书 Claim
1、 一种修复漏洞的方法, 其特征在于, 所述方法包括:  A method for repairing a vulnerability, the method comprising:
修复漏洞的装置检测计算机是否存在漏洞;  The device that fixes the vulnerability detects whether the computer has a vulnerability;
对存在的漏洞进行分析,得到漏洞的级别,并根据所述漏洞的级别, 对所述存在的漏洞做相应修复。  Analyze the existing vulnerability, obtain the level of the vulnerability, and repair the existing vulnerability according to the level of the vulnerability.
2、 根据权利要求 1 所述的方法, 其特征在于, 所述修复漏洞的装 置检测计算机是否存在漏洞之前, 还包括:  2. The method according to claim 1, wherein before the detecting the vulnerability device detects whether the computer has a vulnerability, the method further includes:
修复漏洞的装置启动后, 自动访问服务器端,并更新漏洞特征文件; 所述检测计算机是否存在漏洞包括:  After the device that fixes the vulnerability starts, it automatically accesses the server and updates the vulnerability profile. The detection of the vulnerability of the computer includes:
根据更新的漏洞特征文件检测计算机是否存在漏洞。  Detects a vulnerability in the computer based on the updated vulnerability signature file.
3、 根据权利要求 2所述的方法, 其特征在于, 所述修复漏洞的装 置启动后, 每隔一定周期, 自动访问服务器端, 更新漏洞特征文件。  The method according to claim 2, wherein after the device for repairing the vulnerability is started, the server is automatically accessed at regular intervals to update the vulnerability profile.
4、 根据权利要求 1 所述的方法, 其特征在于, 所述对存在的漏洞 进行分析, 得到漏洞的级别, 具体包括:  The method according to claim 1, wherein the analyzing the existing vulnerability to obtain the level of the vulnerability includes:
根据漏洞特征, 判断漏洞能否导致计算机受到破坏;  According to the characteristics of the vulnerability, determine whether the vulnerability can cause damage to the computer;
如果能, 则将所述漏洞确定为高危级别的漏洞;  If possible, identify the vulnerability as a high-risk vulnerability;
如果否, 则将所述漏洞确定为普通级别的漏洞;  If no, the vulnerability is identified as a common level vulnerability;
所述根据所述漏洞的级别, 对所述存在的漏洞做相应修复, 具体包 括:  The repairing the existing vulnerability according to the level of the vulnerability, specifically including:
对高危级别的漏洞, 或是从未修复过的漏洞, 进行及时修复; 对普通级别的漏洞, 或是无法修复的漏洞, 不做修复。  Fixes for high-risk vulnerabilities, or vulnerabilities that have never been fixed, and fix them for common-level vulnerabilities, or unrepairable vulnerabilities.
5、 根据权利要求 1所述的方法, 其特征在于,  5. The method of claim 1 wherein:
如果检测出计算机不存在漏洞, 则自动停止修复漏洞。  If it detects that there is no vulnerability in the computer, it will automatically stop fixing the vulnerability.
6、 一种修复漏洞的装置, 其特征在于, 所述装置包括:  6. A device for repairing a vulnerability, the device comprising:
检测模块, 用于检测计算机是否存在漏洞; 分析模块, 用于对所述检测模块检测出的漏洞进行分析, 得到漏洞 的级别; a detecting module, configured to detect whether a computer has a vulnerability; An analysis module, configured to analyze a vulnerability detected by the detection module, and obtain a level of the vulnerability;
修复模块, 用于根据所述分析模块分析出的漏洞的级别, 对所述存 在的漏洞做相应修复。  The repair module is configured to repair the existing vulnerability according to the level of the vulnerability analyzed by the analysis module.
7、 根据权利要求 6所述的装置, 其特征在于, 所述装置还包括: 访问更新模块, 用于在所述装置启动后, 自动访问服务器端, 并更 新漏洞特征文件, 触发所述检测模块根据更新的漏洞特征文件, 检测计 算机是否存在漏洞。  The device according to claim 6, wherein the device further comprises: an access update module, configured to automatically access the server after the device is started, and update the vulnerability profile to trigger the detection module Detects a vulnerability in the computer based on the updated vulnerability signature file.
8、 根据权利要求 6所述的装置, 其特征在于,  8. Apparatus according to claim 6 wherein:
所述分析模块, 具体用于根据漏洞特征, 判断漏洞能否导致计算机 受到破坏; 如果能, 则将所述漏洞确定为高危级别的漏洞; 如果否, 则 将所述漏洞确定为普通级别的漏洞;  The analyzing module is specifically configured to determine, according to the vulnerability feature, whether the vulnerability may cause the computer to be damaged; if yes, the vulnerability is determined to be a high-risk vulnerability; if not, the vulnerability is determined to be a common level vulnerability. ;
所述修复模块, 具体用于对高危级别的漏洞, 或是从未修复过的漏 洞, 进行及时修复; 对普通级别的漏洞, 或是无法修复的漏洞, 不做修 复。  The repair module is specifically used to repair a high-risk vulnerability or an unrepaired vulnerability in time; for a common level vulnerability or an unrecoverable vulnerability, no repair is performed.
9、 根据权利要求 6所述的装置, 其特征在于, 所述装置, 还包括: 第一提示模块, 用于在修复漏洞成功时, 提示修复漏洞的结果; 第二提示模块, 用于在修复漏洞失败时, 提示修复漏洞失败。  The device according to claim 6, wherein the device further comprises: a first prompting module, configured to prompt a result of repairing the vulnerability when the repairing vulnerability is successful; and a second prompting module, configured to repair When the vulnerability fails, the prompt to fix the vulnerability fails.
10、 根据权利要求 6所述的装置, 其特征在于, 所述装置进一步包 括停止模块, 用于在所述检测模块检测出计算机不存在漏洞时, 自动停 止修复漏洞。  The device according to claim 6, wherein the device further comprises a stopping module, configured to automatically stop the repairing vulnerability when the detecting module detects that the computer does not have a vulnerability.
PCT/CN2010/070497 2009-03-16 2010-02-03 Method and device for patching of vulnerability WO2010105516A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN 200910080218 CN101526984B (en) 2009-03-16 2009-03-16 Method for patching bugs and device thereof
CN200910080218.1 2009-03-16

Publications (1)

Publication Number Publication Date
WO2010105516A1 true WO2010105516A1 (en) 2010-09-23

Family

ID=41094848

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2010/070497 WO2010105516A1 (en) 2009-03-16 2010-02-03 Method and device for patching of vulnerability

Country Status (2)

Country Link
CN (1) CN101526984B (en)
WO (1) WO2010105516A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105468981A (en) * 2015-11-20 2016-04-06 上海斐讯数据通信技术有限公司 Vulnerability identification technology-based plugin safety scanning device and scanning method
US9450974B2 (en) 2014-03-20 2016-09-20 International Business Machines Corporation Intrusion management
CN112464249A (en) * 2020-12-10 2021-03-09 北京冠程科技有限公司 Asset equipment attack vulnerability repairing method, device, equipment and storage medium
TWI728637B (en) * 2020-01-02 2021-05-21 中華電信股份有限公司 Information security protection method and computer-readable medium

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101526984B (en) * 2009-03-16 2012-05-30 腾讯科技(北京)有限公司 Method for patching bugs and device thereof
CN101950338A (en) * 2010-09-14 2011-01-19 中国科学院研究生院 Bug repair method based on hierarchical bug threat assessment
CN103177213B (en) * 2011-12-20 2016-01-20 腾讯科技(深圳)有限公司 A kind of software vulnerability restorative procedure and system
CN103632098B (en) * 2012-08-21 2019-05-10 腾讯科技(深圳)有限公司 The method and device of patching bugs
CN102957695A (en) * 2012-10-25 2013-03-06 北京奇虎科技有限公司 Enterprise intranet terminal safety maintenance method and device
CN102945351B (en) * 2012-11-05 2015-10-28 中国科学院软件研究所 Based on the mobile intelligent terminal security breaches restorative procedure of Quick Response Code under cloud environment
CN104182689A (en) * 2013-05-24 2014-12-03 阿里巴巴集团控股有限公司 Method and device for repairing and protecting system
CN104376264B (en) * 2014-07-11 2017-04-12 腾讯科技(深圳)有限公司 Software vulnerability handling method, device and system
CN106033512A (en) * 2015-03-20 2016-10-19 中兴通讯股份有限公司 Security vulnerability reinforcing method and system
CN107277021A (en) * 2017-06-26 2017-10-20 云南电网有限责任公司信息中心 A kind of new open leak coverage identification and remediation management system and method
CN107577950A (en) * 2017-09-29 2018-01-12 河南职业技术学院 A kind of method for repairing software vulnerability
CN110378116B (en) * 2019-06-06 2021-05-25 北京奇安信科技有限公司 Method and device for preventing operating system from being attacked based on native code
CN111967021B (en) * 2020-08-27 2022-06-03 山东英信计算机技术有限公司 Vulnerability processing method, device and equipment and computer readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1577272A (en) * 2003-07-16 2005-02-09 微软公司 Automatic detection and patching of vulnerable files
US20060168569A1 (en) * 2005-01-26 2006-07-27 Microsoft Corporation Beta parser
CN101150432A (en) * 2007-08-24 2008-03-26 北京启明星辰信息技术有限公司 An information system risk evaluation method and system
CN101526984A (en) * 2009-03-16 2009-09-09 腾讯科技(北京)有限公司 Method for patching bugs and device thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1577272A (en) * 2003-07-16 2005-02-09 微软公司 Automatic detection and patching of vulnerable files
US20060168569A1 (en) * 2005-01-26 2006-07-27 Microsoft Corporation Beta parser
CN101150432A (en) * 2007-08-24 2008-03-26 北京启明星辰信息技术有限公司 An information system risk evaluation method and system
CN101526984A (en) * 2009-03-16 2009-09-09 腾讯科技(北京)有限公司 Method for patching bugs and device thereof

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9450974B2 (en) 2014-03-20 2016-09-20 International Business Machines Corporation Intrusion management
CN105468981A (en) * 2015-11-20 2016-04-06 上海斐讯数据通信技术有限公司 Vulnerability identification technology-based plugin safety scanning device and scanning method
TWI728637B (en) * 2020-01-02 2021-05-21 中華電信股份有限公司 Information security protection method and computer-readable medium
CN112464249A (en) * 2020-12-10 2021-03-09 北京冠程科技有限公司 Asset equipment attack vulnerability repairing method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN101526984B (en) 2012-05-30
CN101526984A (en) 2009-09-09

Similar Documents

Publication Publication Date Title
WO2010105516A1 (en) Method and device for patching of vulnerability
JP6949951B2 (en) Systems and methods for repairing memory corruption in computer applications
EP3036623B1 (en) Method and apparatus for modifying a computer program in a trusted manner
JP4837985B2 (en) System and method for securely booting a computer having a trusted processing module
US9471780B2 (en) System, method, and computer program product for mounting an image of a computer system in a pre-boot environment for validating the computer system
KR101626397B1 (en) Bios flash attack protection and notification
US9436827B2 (en) Attesting a component of a system during a boot process
US7669059B2 (en) Method and apparatus for detection of hostile software
US20080178287A1 (en) Mitigating malicious exploitation of a vulnerability in a software application by selectively trapping execution along a code path
US8086835B2 (en) Rootkit detection
US20060259819A1 (en) Automated Method for Self-Sustaining Computer Security
NO337222B1 (en) Automatic detection and repair of vulnerable files
US20130117006A1 (en) Simulated boot process to detect introduction of unauthorized information
KR20130122747A (en) Repairing corrupt software
JP2012032925A (en) Platform integrity verification system
CN107330328B (en) Method and device for defending against virus attack and server
CN103678032B (en) The restorative procedure and device of system file
JP6238093B2 (en) Malware risk scanner
US9021453B1 (en) Anti-malware installation deployment simulator
TWI730415B (en) Detection system, detection method, and an update verification method performed by using the detection method
CN113569239A (en) Malicious software analysis method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10753083

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM1205A DATED 06.02.12)

122 Ep: pct application non-entry in european phase

Ref document number: 10753083

Country of ref document: EP

Kind code of ref document: A1