Beijing network and center of information safety Information Circular are reported, on May 15, 2019, microsoft government released safe in May newer patch, update this in all repair 82 flaw, among them Windows operating system is long-range the desktop serves flaw (CVE-2019-0708) minatory rate is higher, aggressor can exploit this loophole long-range need not user test and verify is through transmitting tectonic and special baleful data on target system implement baleful code, get the complete control of the machine thereby. This flaw is easy by vermian virus, blackmail the baleful program such as virus to use.
One, flaw is fundamental circumstance
The Remote Desktop Services of system of Windows of this flaw consist in (long-range desktop serves) in, can pass the data package that sends special construction to spark without the aggressor of identity test and verify flaw, the likelihood is brought about long-range need not user test and verify controls a system. This means this flaw to be able to pass the means of network worm to be used, any baleful software that use this loophole travel possibly from the computer that is infected other the computer that suffers attack easily, the aggressor that exploits this loophole successfully is OK aleatoric code is implemented on target system.
2, flaw incidence
1. suffers influence version to include:
? Windows 7
? WindowsServer 2008 R2
? WindowsServer 2008
? WindowsServer 2003
? Windows XP
2. insusceptible version includes:
? Windows 8
? Windows 10
3, network safety hints
Be aimed at this circumstance, begin the work of the following respects in time please: 01
1
Undertake the system upgrades in time
1. government patch
Microsoft government has released newer patch (include the government to stop to maintain version) , undertake the patch is updated in time please. The means that obtain and installs a patch has 3 kinds: Inside patch of service of net WSUS service, Microsoft Update of Microsoft official net, installation leaving a line.
Note: If need to start Windows Update to update instantly, wuauclt.exe /detectnow can be keyed in below command clew accord with.
Means one: Net WSUS serves inside
Applicable object: Already joined build the computer that has region of catalog of activity of the net inside WSUS server, or set service of WSUS of the net inside the visit by hand.
The safe patch that the system can time automatic download needs hints installation, undertake install and restarting by clew please system.
If hope to install a patch as soon as possible, start the computer afresh please can.
Means 2: MicrosoftUpdate of Microsoft official net serves
Applicable object: All and OK couplet net, cannot use inside the computer that net WSUS serves, include to was not enabled inside the computer that net WSUS serves, enabled inside net WSUS serves but not with inside net connective computer.
Did not enable inside the computer that net WSUS serves, ensure Windows is enabled newlier automatically please, install a patch according to clew and restart the computer.
Means 3: Install a patch from the line
The patch that downloads the systematic correspondence that government-owned net releases installs a bag, doubleclick move can have repair.
2
Flaw defends
If of short duration cannot install a patch to update, adopt instantly please temporarily preventive measure, undertake defending to this flaw: If the user does not need to use long-range desktop service,be, the proposal is banned serve with this; 2 it is right in lead plane firewall long-range desktop port (acquiesce is 3389) undertake block is broken; 3 it is to enable network class attestation (NLA) , this plan applies to Windows 7, windows Server 2008 and WindowsServer 2008 R2.
3
Strengthen monitor and lash-up deals with
Farther perfect network and information system break out incident lash-up beforehand case, ensure sudden incident lash-up is answered seasonable, standard, effective. Outstanding circumstance brings sectional report in time to network of office of apanage public security.
2019-05-011 period