各位老师好:
近日,网络上流传出微软远程桌面服务远程代码执行(CVE-2019-1181/1182)最新利用代码,为了利用此漏洞,攻击者需要通过RDP向目标系统远程桌面服务发送精心设计的请求。不需要用户交互。成功利用此漏洞的攻击者可以在目标系统上执行任意代码。然后,攻击者就可以安装程序,查看、更改或删除数据,或者创建具有完全用户权限的新帐户。此次漏洞影响版本为
Windows 10:
for 32-bit Systems
for x64-based Systems
Version 1607 for 32-bit Systems
Version 1607 for x64-based Systems
Version 1703 for 32-bit Systems
Version 1703 for x64-based Systems
Version 1709 for 32-bit Systems
Version 1709 for 64-based Systems
Version 1709 for ARM64-based Systems
Version 1803 for 32-bit Systems
Version 1803 for ARM64-based Systems
Version 1803 for x64-based Systems
Version 1809 for 32-bit Systems
Version 1809 for ARM64-based Systems
Version 1809 for x64-based Systems
Version 1903 for 32-bit Systems
Version 1903 for ARM64-based Systems
Version 1903 for x64-based Systems
Windows 7:
for 32-bit Systems Service Pack 1
for x64-based Systems Service Pack 1
Windows 8.1:
for 32-bit systems
for x64-based systems
Windows RT 8.1:
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server, version 1803 (Server Core Installation)
Windows Server, version 1903 (Server Core installation)。
目前,微软官方已发布补丁修复此漏洞,建议用户将相关系统版本立即升级至最新版本:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226
鲁公网安备37069102000304号