微軟官方發(fā)布緊急安全補(bǔ)丁，修復(fù)了 Windows 遠(yuǎn)程桌面服務(wù)的遠(yuǎn)程代碼執(zhí)行高危漏洞 CVE-2019-0708，該漏洞被稱為“永恒之藍(lán)”級(jí)別的漏洞，只要開啟Windows遠(yuǎn)程桌面服務(wù)（RDP服務(wù)）即可被攻擊。

漏洞描述：
     遠(yuǎn)程桌面協(xié)議（RDP）遠(yuǎn)程代碼執(zhí)行漏洞。未經(jīng)身份驗(yàn)證的攻擊者利用該漏洞，向目標(biāo)Windows主機(jī)發(fā)送惡意構(gòu)造請(qǐng)求，可以在目標(biāo)系統(tǒng)上執(zhí)行任意代碼。由于該漏洞存在于RDP協(xié)議的預(yù)身份驗(yàn)證階段，因此漏洞利用無需進(jìn)行用戶交互操作。該漏洞存在被不法分子利用進(jìn)行蠕蟲攻擊的可能。

漏洞評(píng)級(jí)：
CVE-2019-0708   【高?！?/p>

影響范圍：
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows XP SP3 x86
Windows XP Professional x64 Edition SP2
Windows XP Embedded SP3 x86
Windows Server 2003 SP2 x86
Windows Server 2003 x64 Edition SP2
Windows 8和Windows 10及之后版本的用戶不受此漏洞影響。

判斷是否已經(jīng)被入侵：
1. Win+R 快捷鍵運(yùn)行 eventvwr.exe 然后回車。
2. 查看windows日志–>安全：瀏覽日志產(chǎn)生時(shí)間，觀察是否存在大量或者非法的與登錄相關(guān)的事件，如果已經(jīng)被入侵，則系統(tǒng)可能遭到破壞被裝上木馬，建議重裝系統(tǒng)。

檢測(cè)以及修復(fù)漏洞：
可以選用360一鍵檢測(cè)修復(fù)工具：
A.下載并打開360一鍵檢測(cè)修復(fù)工具：
http://dl.360safe.com/leakfixer/360SysVulTerminator.exe
B.離線安裝補(bǔ)丁：
操作系統(tǒng)版本及補(bǔ)丁下載鏈接：
Windows 7 x86：
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x86_6f1319c32d5bc4caf2058ae8ff40789ab10bf41b.msu
Windows 7 x64：
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x64_3704acfff45ddf163d8049683d5a3b75e49b58cb.msu
Windows Embedded Standard 7 for x64：
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x64_3704acfff45ddf163d8049683d5a3b75e49b58cb.msu
Windows Embedded Standard 7 for x86：
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x86_6f1319c32d5bc4caf2058ae8ff40789ab10bf41b.msu
Windows Server 2008 x64：
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x86_6f1319c32d5bc4caf2058ae8ff40789ab10bf41b.msu
Windows Server 2008 Itanium：
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.0-kb4499180-ia64_805e448d48ab8b1401377ab9845f39e1cae836d4.msu
Windows Server 2008 x86:
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.0-kb4499149-x86_832cf179b302b861c83f2a92acc5e2a152405377.msu
Windows Server 2008 R2 Itanium:
http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-ia64_fabc8e54caa0d31a5abe8a0b347ab4a77aa98c36.msu
Windows Server 2008 R2 x64:
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/05/windows6.1-kb4499175-x64_3704acfff45ddf163d8049683d5a3b75e49b58cb.msu
Windows Server 2003 x86:
http://download.windowsupdate.com/d/csa/csa/secu/2019/04/windowsserver2003-kb4500331-x86-custom-chs_4892823f525d9d532ed3ae36fc440338d2b46a72.exe
Windows Server 2003 x64:
http://download.windowsupdate.com/d/csa/csa/secu/2019/04/windowsserver2003-kb4500331-x64-custom-chs_f2f949a9a764ff93ea13095a0aca1fc507320d3c.exe
Windows XP SP3:
http://download.windowsupdate.com/c/csa/csa/secu/2019/04/windowsxp-kb4500331-x86-custom-chs_718543e86e06b08b568826ac13c05f967392238c.exe
Windows XP SP2 for x64:
http://download.windowsupdate.com/d/csa/csa/secu/2019/04/windowsserver2003-kb4500331-x64-custom-enu_e2fd240c402134839cfa22227b11a5ec80ddafcf.exe
Windows XP SP3 for XPe:
http://download.windowsupdate.com/d/csa/csa/secu/2019/04/windowsxp-kb4500331-x86-embedded-custom-chs_96da48aaa9d9bcfe6cd820f239db2fe96500bfae.exe
WES09 and POSReady 2009:
http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/04/windowsxp-kb4500331-x86-embedded-chs_e3fceca22313ca5cdda811f49a606a6632b51c1c.exe

參考資料：
https://cert.#/warning/detail?id=0f64023e053a5753816ac129b5362607

青云QingCloud安全監(jiān)控中心