關于Microsoft遠程桌面服務存在遠程代碼執行漏洞的安全公告

(作者: 文章來源:www.cnvd.org.cn 發布日期:2019-08-15 瀏覽數:)

 安全公告編號:CNTA-2019-0028

2019年8月14日,國家信息安全漏洞共享平臺(CNVD)收錄了Microsoft遠程桌面服務遠程代碼執行漏洞(CNVD-2019-27323 、CNVD-2019-27324、 CNVD-2019-27325 、CNVD-2019-27326)。攻擊者利用該漏洞,可在未授權的情況下遠程執行代碼。目前,漏洞細節雖未公開,但已引起社會高度關注,微軟公司已發布官方補丁。

一、漏洞情況分析

Microsoft Windows是美國微軟公司發布的視窗操作系統。遠程桌面連接是微軟從Windows 2000 Server開始提供的組件。

2019年8月13日,微軟發布了安全更新補丁,其中修復了4個遠程桌面服務遠程代碼執行漏洞, CVE編號分別為:CVE-2019-1181、CVE-2019-1182、CVE-2019-1222、CVE-2019-1226。未經身份驗證的攻擊者利用該漏洞,向目標服務端口發送惡意構造請求,可以在目標系統上執行任意代碼。該漏洞的利用無需進行用戶交互操作,存在被不法分子利用進行蠕蟲攻擊的可能。

CNVD對該漏洞的綜合評級為“高危”。

二、漏洞影響范圍

上述漏洞影響的產品版本包括:

 

Windows 10 for 32-bit Systems

Windows 10 for x64-based Systems

Windows 10 Version 1607 for 32-bit Systems

Windows 10 Version 1607 for x64-basedSystems

Windows 10 Version 1703 for 32-bit Systems

Windows 10 Version 1703 for x64-basedSystems

Windows 10 Version 1709 for 32-bit Systems

Windows 10 Version 1709 for 64-basedSystems

Windows 10 Version 1709 for  ARM64-based Systems

Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for ARM64-basedSystems

Windows 10 Version 1803 for x64-basedSystems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-basedSystems

Windows 10 Version 1809 for x64-basedSystems

Windows 10 Version 1903 for 32-bit Systems

Windows 10 Version 1903 for ARM64-basedSystems

Windows 10 Version 1903 for x64-basedSystems

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems ServicePack 1

Windows 8.1 for 32-bit systems

Windows 8.1 for x64-based systems

Windows RT 8.1

Windows Server 2008 R2 for tanium-BasedSystems Service Pack 1

Windows Server 2008 R2 for x64-basedSystems Service Pack 1

Windows Server 2008 R2 for x64-basedSystems Service Pack 1 (Server Core installation)

Windows Server 2012

Windows Server 2012 (Server Coreinstallation)

Windows Server 2012 R2

Windows Server 2012 R2 (Server Coreinstallation)

Windows Server 2016

Windows Server 2016 (Server Coreinstallation)

Windows Server 2019

Windows Server 2019 (Server Coreinstallation)

Windows Server, version 1803 (Server CoreInstallation)

Windows Server, version 1903 (Server Coreinstallation

 

三、漏洞處置建議

目前,微軟官方已發布補丁修復此漏洞,CNVD建議用戶立即升級至最新版本:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226

附:參考鏈接:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1181

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1182

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1222

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1226


原文地址:
https://www.cnvd.org.cn/webinfo/show/5165

168彩票网