Windows XP Professional 圆4 Edition SP2 (official support no longer available).Windows XP SP3 x86 (official support no longer available).Windows Server 2003 圆4 Edition SP2 (official support no longer available).Windows Server 2003 SP2 x86 (official support no longer available).Windows Server 2008 R2 for 圆4-based SystemsService Pack 1 (Server Core installation).Windows Server 2008 R2 for 圆4-based SystemsService Pack 1.Windows Server 2008 R2 for Itanium-BasedSystems Service Pack 1.Windows Server 2008 for 圆4-based SystemsService Pack 2 (Server Core installation).Windows Server 2008 for 圆4-based SystemsService Pack 2.Windows Server 2008 for Itanium-Based SystemsService Pack 2.Windows Server 2008 for 32-bit SystemsService Pack 2 (Server Core installation).Windows Server 2008 for 32-bit SystemsService Pack 2.Windows 7 for 圆4-based Systems Service Pack1.Windows 7 for 32-bit Systems Service Pack 1.Currently, the exploit of this vulnerability has been made public, and therefore affected users are advised to download and install patches as soon as possible. Attackers could exploit this vulnerability to cause remote code execution or worm attacks by sending a malicious request to the target via the RDP protocol.Ĭonsidering the high risk level of this vulnerability, Microsoft has also released security updates to fix this vulnerability in versions for which official support is no longer available to fix this vulnerability. On April 15, Beijing time, Microsoft released May 2019 security patches that fix 82 vulnerabilities, among which the Windows operating system remote desktop services vulnerability (CVE-2019-0708) poses serious threats. Therefore, users are strongly recommended to check their assets and immediately download patches for affected devices or take other measures to avoid related threats. Currently, hackers have scanned vulnerable devices on a large scale, possibly hitting vulnerable hosts in batches. If the module does not provide proper configuration parameters during exploitation, this could lead to the blue screen of death (BSoD) to the target host. Currently, instead of launching attacks automatically, this exploit requires users to manually configure target details prior to further exploitation. By default, the BlueKeep module of Metasploit only checks whether the target and its operating system version are vulnerable.
The test shows that this exploit can be successfully used.
This vulnerability, like WannaCry, will propagate widely, having constituted security threats in the wild.
The initial public exploit module (BlueKeep) for the CVE-2019-0708 vulnerability could cause old versions of Windows (Windows 7 SP1 圆4 and Windows 2008 R2 圆4) to execute code remotely without user interaction. In the early morning of September 7, Beijing time, a developer disclosed a Metasploit exploit module for the Windows remote desktop services remote code execution vulnerability (CVE-2019-0708) on GitHub.
0 kommentar(er)
