Shulou(Shulou.com)05/31 Report--

This article to share with you is about Windows WannaCry vulnerability CVE-2019-0708 is what kind of, Xiaobian think quite practical, so share to everyone to learn, I hope you can read this article after some harvest, not much to say, follow Xiaobian to see it.

On the second anniversary of WannaCry, Windows has once again been exposed to high-risk remote vulnerabilities. On May 15, 2019, Microsoft officially released the May Security Update patch, which fixes 82 vulnerabilities, including CVE-2019-0708, a remote code execution vulnerability for Remote Desktop (RDP) services.

According to a blog post published by Microsoft Security Response Center (MSRC), Remote Desktop Protocol (RDP) itself is not vulnerable to attacks, and this vulnerability is pre-authenticated and requires no user interaction. This means that any future malware that exploits this vulnerability could spread from vulnerable computers to other computers in a manner similar to the global spread of WannaCry malware in 2017.

Exploiting the vulnerability could allow an attacker to install programs, view, change or delete data, or create new accounts with full user rights. The temptation of this vulnerability can be imagined. As long as POC is released, WannaCry can be repeated without most people having time to update it.

So far, however, no malicious activity has been found to exploit this vulnerability, and there have been a number of GitHub messages that use this message to trick Star, phishing, or prank.

You think it's an exploit...

I just want to tell you: Never Gonna Give You Up.

Scope of CVE-2019-0708 Vulnerability:

Windows 7

Windows Server 2008 R2

Windows Server 2008

Windows Server 2003 (maintenance discontinued)

Windows XP (maintenance discontinued)

With the exception of Windows 8 and Windows 10, almost all versions of Windows are affected by this vulnerability. Although Microsoft has stopped supporting Windows 2003 and Windows XP, due to the high level of vulnerability, Microsoft's fix also covers all affected versions of Windows.

Safety recommendation 1. Interim response

Network Level Authentication (NLA) is enabled on the affected version of the system; when NLA is enabled, an attacker would need to authenticate to Remote Desktop Services using a valid account on the target system in order to successfully exploit the vulnerability.

Microsoft officials suggest that regardless of whether NLA is enabled, it should be updated as soon as possible to completely eliminate the impact of the vulnerability.

2. security patches

Since Win8 and Win 10 are not affected by the CVE-2019-0708 vulnerability, these users can rest assured. For Win 7 and Server 2008 users, vulnerability patches can be installed directly through automatic system updates. If you have turned off automatic system updates, you can download the corresponding version of the patch installation from the following link:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708

For Windows 2003 and Windows XP users, since the official support has stopped, it is impossible to install patches through automatic updates. You need to manually download security patches from the following address (360 Security Guard users can install patches quickly through the "Bug Repair" function):

https://support.microsoft.com/zh-cn/help/4500705/customer-guidance-for-cve-2019-0708

The above is what the WannaCry vulnerability CVE-2019-0708 in Windows is like. Xiaobian believes that some knowledge points may be seen or used in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.