Microsoft Ô¶³Ì×ÀÃæЧÀÍÔ¶³Ì´úÂëÖ´ÐÐÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-09-09

¡ñÎó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-0708£¬£¬£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬CVSS·ÖÖµ£º9.8


¡ñÓ°Ïì°æ±¾


ÊÜÓ°ÏìµÄ°æ±¾


Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack1

Windows Server 2008 for 32-bit SystemsService Pack 2

Windows Server 2008 for 32-bit SystemsService Pack 2 (Server Core installation)

Windows Server 2008 for Itanium-Based SystemsService Pack 2

Windows Server 2008 for x64-based SystemsService Pack 2

Windows Server 2008 for x64-based SystemsService Pack 2 (Server Core installation)

Windows Server 2008 R2 for Itanium-BasedSystems Service Pack 1

Windows Server 2008 R2 for x64-based SystemsService Pack 1

Windows Server 2008 R2 for x64-based SystemsService Pack 1 (Server Core installation)

Windows XP SP3 x86

Windows XP Professional x64 Edition SP2

Windows XP Embedded SP3 x86

Windows Server 2003 SP2 x86

Windows Server 2003 x64 Edition SP2


¡ñÎó²î¸ÅÊö


5Ô 14 ÈÕ£¬£¬£¬Î¢Èí¹Ù·½Ðû²¼Çå¾²¸üУ¬£¬£¬ÆäÖÐÐÞ¸´ÁË Windows ϵͳԶ³Ì×ÀÃæЧÀÍÖб£´æµÄÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2019- 0708£©¡£¡£¡£¹¥»÷ÕßÔÚÔ¶³ÌÇÒδ¾­ÊÚȨµÄÇéÐÎÏ£¬£¬£¬Í¨¹ý·¢ËÍÈ«ÐĽṹµÄ¶ñÒâÊý¾Ý°üµ½Ä¿µÄЧÀÍÆ÷µÄÔ¶³Ì×ÀÃæЧÀͶ˿ڣ¨Ä¬ÒÔΪ 3389£©£¬£¬£¬ÎÞÐèÆäËû½»»¥£¬£¬£¬¼´¿ÉÔÚÄ¿µÄЧÀÍÆ÷ÉÏÖ´ÐжñÒâ´úÂ룬£¬£¬»ñȡϵͳȨÏÞ¡£¡£¡£


Ö±ÖÁ 9 Ô 7 ÈÕ£¬£¬£¬¿ªÔ´µÄÎó²îʹÓÿò¼Ü metasploit-framework ÐÂÔöÁË´ËÎó²îµÄʹÓÃÄ£¿£¿£¿£¿£¿é£¨cve_2019_0708_bluekeep_rce£©£¬£¬£¬Îó²îʹÓù¤¾ß×îÏÈÀ©É¢£¬£¬£¬ÒѾ­Ôì³ÉÈä³æ¼¶µÄÇå¾²Íþв¡£¡£¡£ÓÉÓÚ¿ÉÒÔÔì³ÉÔ¶³Ì´úÂëÖ´ÐеÄÎó²îʹÓþ籾ÒѾ­¹ûÕ棬£¬£¬¼ÓÉÏ´ËÎó²î×Ô¼º¾ßÓпÉÈä³æÈö²¥µÄÐÔ×Ó£¬£¬£¬ÓпÉÄܻᵼÖÂÀàËÆ֮ǰµÄ WannaCry Èä³æÇå¾²ÊÂÎñ±¬·¢£¬£¬£¬Òò´ËÏÖÔÚÈÔδ×öÎó²îÐÞ¸´µÄÓû§Ð辡¿ì¸üÐÂ΢Èí¹Ù·½µÄÇå¾²²¹¶¡¡£¡£¡£


¡ñÎó²îÑéÖ¤


EXP£ºhttps://github.com/rapid7/metasploit-framework/pull/12283¡£¡£¡£


¡ñÐÞ¸´½¨Òé


¹Ù·½²¹¶¡£¡£¡£º


΢Èí¹Ù·½ÒѾ­ÍƳöÇå¾²¸üÐÂÇë²Î¿¼ÒÔϹٷ½Ç徲ͨ¸æÏÂÔز¢×°ÖÃ×îв¹¶¡£¡£¡£º

https://support.microsoft.com/zh-cn/help/4500705/customer-guidance-for-cve-2019-0708

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708


»òƾ֤ÒÔϱí¸ñ²éÕÒ¶ÔÓ¦µÄϵͳ°æ±¾ÏÂÔØ×îв¹¶¡£¡£¡£º


²Ù×÷ϵͳ°æ±¾

²¹¶¡ÏÂÔØÁ´½Ó

Windows 7 x86

http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x86_6f1319c32d5bc4caf2058ae8ff40789ab10bf41b.msu

Windows 7 x64

http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x64_3704acfff45ddf163d8049683d5a3b75e49b58cb.msu

Windows Embedded  Standard 7 for x64

http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x64_3704acfff45ddf163d8049683d5a3b75e49b58cb.msu

Windows Embedded  Standard 7 for x86

http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x86_6f1319c32d5bc4caf2058ae8ff40789ab10bf41b.msu

Windows Server 2008  x64

http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.0-kb4499149-x64_9236b098f7cea864f7638e7d4b77aa8f81f70fd6.msu

Windows Server 2008  Itanium

http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.0-kb4499180-ia64_805e448d48ab8b1401377ab9845f39e1cae836d4.msu

Windows Server 2008  x86

http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.0-kb4499149-x86_832cf179b302b861c83f2a92acc5e2a152405377.msu

Windows Server 2008 R2  Itanium

http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-ia64_fabc8e54caa0d31a5abe8a0b347ab4a77aa98c36.msu

Windows Server 2008 R2  x64

http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x64_3704acfff45ddf163d8049683d5a3b75e49b58cb.msu

Windows Server 2003  x86

http://download.windowsupdate.com/d/csa/csa/secu/2019/04/windowsserver2003-kb4500331-x86-custom-chs_4892823f525d9d532ed3ae36fc440338d2b46a72.exe

Windows Server 2003  x64

http://download.windowsupdate.com/d/csa/csa/secu/2019/04/windowsserver2003-kb4500331-x64-custom-chs_f2f949a9a764ff93ea13095a0aca1fc507320d3c.exe

Windows XP SP3

http://download.windowsupdate.com/c/csa/csa/secu/2019/04/windowsxp-kb4500331-x86-custom-chs_718543e86e06b08b568826ac13c05f967392238c.exe

Windows XP SP2 for x64

http://download.windowsupdate.com/d/csa/csa/secu/2019/04/windowsserver2003-kb4500331-x64-custom-enu_e2fd240c402134839cfa22227b11a5ec80ddafcf.exe

Windows XP SP3 for XPe

http://download.windowsupdate.com/d/csa/csa/secu/2019/04/windowsxp-kb4500331-x86-embedded-custom-chs_96da48aaa9d9bcfe6cd820f239db2fe96500bfae.exe

WES09 and POSReady  2009

http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/04/windowsxp-kb4500331-x86-embedded-chs_e3fceca22313ca5cdda811f49a606a6632b51c1c.exe


ÔÝʱ½â¾ö¼Æ»®£º


ÈôÓû§²»ÐèÒªÓõ½Ô¶³Ì×ÀÃæЧÀÍ£¬£¬£¬½¨Òé½ûÓøÃЧÀÍ¡£¡£¡£

¿ªÆôÍøÂ缶±ðÉí·ÝÑéÖ¤(NLA)

¹Ø±ÕTCP¶Ë¿Ú3389µÄÅþÁ¬£¬£¬£¬»ò¶ÔÏà¹ØЧÀÍÆ÷×ö»á¼ûȪԴ¹ýÂË£¬£¬£¬Ö»ÔÊÔÊÐíÐÅIPÅþÁ¬¡£¡£¡£


¡ñ²Î¿¼Á´½Ó


https://github.com/rapid7/metasploit-framework/pull/12283

https://msrc-blog.microsoft.com/2019/05/14/prevent-a-worm-by-updating-remote-desktop-services-cve-2019-0708/