΢ÈíÔ¶³Ì×ÀÃæ·þÎñÔ¶³Ì´úÂëÖ´Ðзì϶°²È«¹«¸æ

°ä²¼¹¦·ò 2019-05-15

·ì϶±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-0708£¬Î£ÏÕ¼¶±ð£ºÑϳÁ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ9.8£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


Microsoft Windows XP 0
Microsoft Windows Server 2008 R2 for x64-based Systems SP1
Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
Microsoft Windows Server 2008 for x64-based Systems SP2
Microsoft Windows Server 2008 for Itanium-based Systems SP2
Microsoft Windows Server 2008 for 32-bit Systems SP2
Microsoft Windows Server 2003 0
Microsoft Windows 7 for x64-based Systems SP1

Microsoft Windows 7 for 32-bit Systems SP1


·ì϶¸ÅÊö


΢Èí°ä²¼ÁËÕë¶ÔÔ¶³Ì×ÀÃæ·þÎñ£¨ÒÔÇ°³ÆΪÖն˷þÎñ£©µÄ¹Ø¼üÔ¶³ÌÖ´ÐдúÂë·ì϶CVE-2019-0708µÄ½¨¸´·¨Ê½£¬¸Ã·ì϶ӰÏìÁËijЩ¾É°æ±¾µÄWindows¡£


RDP·þÎñ´¦Öô«ÈëÒªÇóµÄ·½Ê½´æÔÚ·ì϶¡£¹¥»÷ÕßÄܹ»ÏòRDP·þÎñ·¢ËͶñÒâÒªÇó£¬ÓÉÓÚδÕýÈ·µÄÒªÇó´¦Öã¬Ö¸±ê½«Ö´ÐÐ×¢ÈëÒªÇóµÄ¶ñÒâ´úÂë¡£CVE-2019-0708ÊÇÒ»¸öÔ¤Éí·ÝÑéÖ¤·ì϶£¬²»±ØÒªÓû§½»»¥£¬Õâ»áµ¼Ö¹¥»÷ÕßÀûÓø÷ì϶ʵÏÖÀàËÆÓÚWannaCryµÄ·½Ê½´«²¼¡£


·ì϶ÑéÖ¤


ÔÝÎÞPOC¡¢EXP¡£


½¨¸´½¨Òé


Ä¿Ç°£¬Î¢Èí¹Ù·½ÒѾ­°ä²¼²¹¶¡½¨¸´ÁËÉÏÊö·ì϶£¬½¨ÒéÓû§ÊµÊ±È·ÈÏÊÇ·ñÊܵ½·ì϶ӰÏ죬¾¡¿ì²ÉÈ¡½¨²¹´ëÊ©£¬ÒÔÔ¤·ÀDZÔڵݲȫÍþв¡£ÏëÒª½øÐиüУ¬Ö»Ðèתµ½ÉèÖáú¸üкͰ²È«¡úWindows¸üСú²é³­¸üУ¬»òÕßÒ²Äܹ»Í¨¹ýÊÖ¶¯½øÐиüС£


Windows 7£¬Windows 2008 R2£¬Windows 2008

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708


Windows 2003£¬Windows XP
https://support.microsoft.com/zh-cn/help/4500705/customer-guidance-for-cve-2019-0708


²Î¿¼Á´½Ó


https://www.securityfocus.com/bid/108273/info
https://www.tenable.com/blog/critical-remote-code-execution-vulnerability-cve-2019-0708-addressed-in-patch-tuesday-updates
https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/?from=groupmessage&isappinstalled=0