暖暖爱免费观看高清在线遇见你,日韩欧美一区二区三区在线,天天操精品

當(dāng)前位置：萬網(wǎng)互聯(lián)首頁 > 幫助中心 > 閱讀:

【漏洞通告】Windows RDP服務(wù)遠(yuǎn)程代碼執(zhí)行漏洞通告(CVE-2019-0708)

分享到：

發(fā)布時(shí)間：2019-5-15 15:26:05

1. 漏洞概述

遠(yuǎn)程桌面協(xié)議(RDP, Remote Desktop Protocol)是一個(gè)多通道(multi-channel)的協(xié)議,讓用戶(客戶端或稱“本地電腦”)連上提供微軟終端機(jī)服務(wù)的電腦(服務(wù)器端或稱“遠(yuǎn)程電腦”)是大部分的Windows都有客戶端所需軟件,RDP服務(wù)默認(rèn)監(jiān)聽本機(jī)3389端口。

根據(jù)MSRC公告顯示,本漏洞為RDP服務(wù)遠(yuǎn)程代碼執(zhí)行漏洞,未經(jīng)認(rèn)證的惡意攻擊者通過向目標(biāo)主機(jī)RDP服務(wù)所在端口發(fā)送精心構(gòu)造的請求,即可在目標(biāo)主機(jī)執(zhí)行任意代碼。該漏洞利用門檻低,危害大且攻擊者可通過該漏洞橫向蠕蟲傳播,感染大量主機(jī),危害效果可堪比2017年WannaCry等具備勒索能力的惡意程序。

目前官方暫未公開漏洞細(xì)節(jié),建議受影響用戶盡快安裝補(bǔ)丁進(jìn)行更新,修復(fù)此漏洞。

2. 影響版本

Windows 7

Windows Server 2008

Windows Server 2008 R2

Windows XP

Windows Server 2003

3. 不受影響版本

Windows 8

Windows 10

4. 修復(fù)方案

微軟官方已經(jīng)發(fā)布更新補(bǔ)丁(包括官方停止維護(hù)版本),請用戶及時(shí)進(jìn)行補(bǔ)丁更新。

用戶可通過微軟自動(dòng)更新功能、WSUS服務(wù)或下載補(bǔ)丁方式修復(fù)該漏洞,下表為不同操作系統(tǒng)對應(yīng)補(bǔ)丁鏈接:

操作系統(tǒng)版本	補(bǔ)丁下載鏈接
Windows 7 x86	http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x86_6f1319c32d5bc4caf2058ae8ff40789ab10bf41b.msu
Windows 7 x64	http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x64_3704acfff45ddf163d8049683d5a3b75e49b58cb.msu
Windows Embedded Standard 7 for x64	http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x64_3704acfff45ddf163d8049683d5a3b75e49b58cb.msu
Windows Embedded Standard 7 for x86	http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x86_6f1319c32d5bc4caf2058ae8ff40789ab10bf41b.msu
Windows Server 2008 x64	http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.0-kb4499149-x64_9236b098f7cea864f7638e7d4b77aa8f81f70fd6.msu
Windows Server 2008 Itanium	http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.0-kb4499180-ia64_805e448d48ab8b1401377ab9845f39e1cae836d4.msu
Windows Server 2008 x86	http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.0-kb4499149-x86_832cf179b302b861c83f2a92acc5e2a152405377.msu
Windows Server 2008 R2 Itanium	http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-ia64_fabc8e54caa0d31a5abe8a0b347ab4a77aa98c36.msu
Windows Server 2008 R2 x64	http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x64_3704acfff45ddf163d8049683d5a3b75e49b58cb.msu
Windows Server 2003 x86	http://download.windowsupdate.com/d/csa/csa/secu/2019/04/windowsserver2003-kb4500331-x86-custom-chs_4892823f525d9d532ed3ae36fc440338d2b46a72.exe
Windows Server 2003 x64	http://download.windowsupdate.com/d/csa/csa/secu/2019/04/windowsserver2003-kb4500331-x64-custom-chs_f2f949a9a764ff93ea13095a0aca1fc507320d3c.exe
Windows XP SP3	http://download.windowsupdate.com/c/csa/csa/secu/2019/04/windowsxp-kb4500331-x86-custom-chs_718543e86e06b08b568826ac13c05f967392238c.exe
Windows XP SP2 for x64	http://download.windowsupdate.com/d/csa/csa/secu/2019/04/windowsserver2003-kb4500331-x64-custom-enu_e2fd240c402134839cfa22227b11a5ec80ddafcf.exe
Windows XP SP3 for XPe	http://download.windowsupdate.com/d/csa/csa/secu/2019/04/windowsxp-kb4500331-x86-embedded-custom-chs_96da48aaa9d9bcfe6cd820f239db2fe96500bfae.exe
WES09 and POSReady 2009	http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/04/windowsxp-kb4500331-x86-embedded-chs_e3fceca22313ca5cdda811f49a606a6632b51c1c.exe

5. 臨時(shí)修復(fù)方案

若用戶暫不方便安裝補(bǔ)丁更新,可采取下列臨時(shí)防護(hù)措施,對此漏洞進(jìn)行防護(hù)。

1. 若用戶不需要用到遠(yuǎn)程桌面服務(wù),建議禁用該服務(wù)。

2. 在主機(jī)防火墻中對遠(yuǎn)程桌面TCP 端口(默認(rèn)為 3389)進(jìn)行阻斷。

3. 啟用網(wǎng)絡(luò)級認(rèn)證(NLA),此方案適用于Windows 7, Windows Server 2008, Windows Server 2008 R2。

參考鏈接

https://blogs.technet.microsoft.com/msrc/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/?from=groupmessage&isappinstalled=0

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708