“关于Windows远程桌面远程代码执行漏洞(CVE-2019-0708)”
黑客可利用此漏洞,无需用户验证,在目标系统上执行恶意行为,漏洞影响范围包括Windows 7、WindowsServer 2008、WindowsServer2003、Windows XP,漏洞危害评级很高,与永恒之蓝威胁程度类似。目前微软已公布该漏洞补丁,包括支持WindowsXP、Windows2003的补丁
一、漏洞检测工具
https://free.360totalsecurity.com/CVE-2019-0708/detector_release.zip
https://www.qianxin.com/other/CVE-2019-0708
https://cloud.nsfocus.com/#/secwarning/secwarning_news?menu_id=urgent
二、微软官方补丁下载地址
操作系统版本 | 补丁下载链接 |
Windows 7 x86 | |
Windows 7 x64 | |
Windows Embedded Standard 7 for x64 | |
Windows Embedded Standard 7 for x86 | |
Windows Server 2008 x64 | |
Windows Server 2008 Itanium | http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.0-kb4499180-ia64_805e448d48ab8b1401377ab9845f39e1cae836d4.msu |
Windows Server 2008 x86 | |
Windows Server 2008 R2 Itanium | |
Windows Server 2008 R2 x64 | |
Windows Server 2003 x86 | |
Windows Server 2003 x64 | |
Windows XP SP3 | |
Windows XP SP2 for x64 | |
Windows XP SP3 for XPe | |
WES09 and POSReady 2009 |