高危漏洞预警 Windows系统 SMB/RDP远程命令执行漏洞

2017年4月14日,国外黑客组织Shadow Brokers发出了NSA方程式组织的机密文档,包含了多个Windows 远程漏洞利用工具,该工具包可以可以覆盖全球70%的Windows服务器,为了确保您在阿里上的业务安全,请您关注,具体漏洞详情如下:      


漏洞编号:
暂无
漏洞名称:
Windows系统多个SMB\RDP远程命令执行漏洞
官方评级:
高危
漏洞描述:
国外黑客组织Shadow Brokers发出了NSA方程式组织的机密文档,包含了多个Windows 远程漏洞利用工具,该工具包可以可以覆盖全球70%的Windows服务器,可以利用SMB、RDP服务成功入侵服务
漏洞利用条件和方式:
可以通过发布的工具远程代码执行成功利用该漏洞。
漏洞影响范围:
已知受影响的Windows版本包括但不限于:
Windows NT,Windows 2000、Windows XP、Windows 2003、Windows Vista、Windows 7、Windows 8,Windows 2008、Windows 2008 R2、Windows Server 2012 SP0。
高危漏洞预警 Windows系统 SMB/RDP远程命令执行漏洞
漏洞检测:
确定服务器对外开启了137、139、445、3389端口,排查方式如下:
外网计算机上telnet 目标地址445,例如:telnet 114.114.114.114 445
漏洞修复建议(或缓解措施):
1.针对使用中的Windows服务器

微软已经发出通告 ,强烈建议您直接使用 Windows Update 功能为在使用中的ECS更新最新补丁或手工下载以下补丁安装;

1)Windows Update更新补丁方式:点击“开始”->“控制面板”->“Windows Update” ,点击“检查更新”:
高危漏洞预警 Windows系统 SMB/RDP远程命令执行漏洞
2)安装更新:
高危漏洞预警 Windows系统 SMB/RDP远程命令执行漏洞
3)检查安装结果,点击“查看更新历史记录”,检查安装的补丁:
高危漏洞预警 Windows系统 SMB/RDP远程命令执行漏洞
4)安装完成后,补丁安装状态为“挂起”,重启后生效:
高危漏洞预警 Windows系统 SMB/RDP远程命令执行漏洞

补丁链接 

1.微软公告MS17-010
https://technet.microsoft.com/zh-cn/library/security/MS17-010

对应漏洞编号:
CVE-2017-0143、CVE-2017-0144、CVE-2017-0145、CVE-2017-0146、CVE-2017-0147、CVE-2017-0148

补丁下载链接:
1)微软补丁编号:KB4012212
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012212

2)微软补丁编号:KB4012213
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012213

3)微软补丁编号:KB4012214
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012214

4)微软补丁编号:KB4012215
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012215

5)微软补丁编号:KB4012216
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012216

6)微软补丁编号:KB4012217
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012217

7)微软补丁编号:KB4012598
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598

8)微软补丁编号:KB4013198
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4013198

9)微软补丁编号:KB4013429
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4013429

10)微软补丁编号:KB4012606
http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012606

2.微软公告MS10-061
https://technet.microsoft.com/zh-cn/library/security/MS10-061

对应漏洞编号:
CVE-2010-2729

补丁下载链接:

1)微软补丁编号:KB2347290
http://www.microsoft.com/downloads/details.aspx?FamilyID=93FABA6B-0A85-4ACC-B527-A012BBF56B13&displayLang=zh-cn
http://www.microsoft.com/downloads/details.aspx?FamilyID=028977FD-0F39-42D4-9FEE-0D90A2931CFD&displayLang=zh-cn
http://www.microsoft.com/downloads/details.aspx?FamilyID=073B3305-4A81-4EF8-B6AA-E53B31A936B4&displayLang=zh-cn
http://www.microsoft.com/downloads/details.aspx?FamilyID=11E20088-1BE2-4166-9C97-234B7E9F1C4F&displayLang=zh-cn
http://www.microsoft.com/downloads/details.aspx?FamilyID=34619E9E-1F00-40E4-BE6F-5BBF5E3C801B&displayLang=zh-cn
http://www.microsoft.com/downloads/details.aspx?FamilyID=3D79680B-C071-462F-9CEA-551FBD42EDF0&displayLang=zh-cn
http://www.microsoft.com/downloads/details.aspx?FamilyID=C68B9337-883D-4E98-BA0A-90B5CAD46184&displayLang=zh-cn
http://www.microsoft.com/downloads/details.aspx?FamilyID=DBB747A5-658D-44CF-BD49-425D1700157F&displayLang=zh-cn
http://www.microsoft.com/downloads/details.aspx?FamilyID=E08D4F49-5A13-4E1D-B0A7-27B314C2EDB5&displayLang=zh-cn
http://www.microsoft.com/downloads/details.aspx?FamilyID=E2E788DE-8400-4BF6-B96B-A915154AA20A&displayLang=zh-cn
http://www.microsoft.com/downloads/en/details.aspx?familyid=098537D5-BF6E-4E04-AD33-1CDE697E062F&displaylang=en
http://www.microsoft.com/downloads/en/details.aspx?familyid=9F7F3737-056D-44BD-B644-51093B5B501B&displaylang=en
http://www.microsoft.com/downloads/en/details.aspx?familyid=CA35A520-C4DA-41BB-ABCC-D5BC534FF19A&displaylang=en
http://www.microsoft.com/downloads/en/details.aspx?familyid=D8C635F8-8978-44BF-B457-E07368F08EF4&displaylang=en

3.微软公告MS14-068
https://technet.microsoft.com/zh-cn/library/security/MS14-068

对应漏洞编号:
CVE-2014-6324

补丁下载链接:

1)微软补丁编号:KB3011780
http://www.microsoft.com/zh-CN/download/details.aspx?id=44960
http://www.microsoft.com/zh-CN/download/details.aspx?id=44970http://www.microsoft.com/en-us/download/details.aspx?id=44984
http://www.microsoft.com/zh-CN/download/details.aspx?id=44967http://www.microsoft.com/zh-CN/download/details.aspx?id=44971
http://www.microsoft.com/en-us/download/details.aspx?id=44983http://www.microsoft.com/zh-CN/download/details.aspx?id=44978
http://www.microsoft.com/zh-CN/download/details.aspx?id=44981http://www.microsoft.com/en-us/download/details.aspx?id=44973
http://www.microsoft.com/zh-CN/download/details.aspx?id=44982http://www.microsoft.com/zh-CN/download/details.aspx?id=44979
http://www.microsoft.com/zh-CN/download/details.aspx?id=44976http://www.microsoft.com/zh-CN/download/details.aspx?id=44965

4.微软公告MS09-050

https://technet.microsoft.com/zh-cn/library/security/MS09-050

对应漏洞编号:
CVE-2009-2526、CVE-2009-2532、CVE-2009-3103

补丁下载链接:

1)微软补丁编号:KB975517
https://www.microsoft.com/en-us/download/details.aspx?id=2578
https://www.microsoft.com/en-us/download/details.aspx?id=12010
https://www.microsoft.com/en-us/download/details.aspx?id=3486
https://www.microsoft.com/en-us/download/details.aspx?id=3195
https://www.microsoft.com/en-us/download/details.aspx?id=11858

5.微软公告MS08-067
https://technet.microsoft.com/zh-cn/library/security/MS08-067

对应漏洞编号:
CVE-2008-4250

补丁下载链接:1)微软补丁编号:KB958644
https://www.microsoft.com/en-us/download/details.aspx?id=11141
https://www.microsoft.com/en-us/download/details.aspx?id=16713
https://www.microsoft.com/en-us/download/details.aspx?id=18905
https://www.microsoft.com/en-us/download/details.aspx?id=19478
https://www.microsoft.com/en-us/download/details.aspx?id=20113
https://www.microsoft.com/en-us/download/details.aspx?id=21663
https://www.microsoft.com/en-us/download/details.aspx?id=21974
https://www.microsoft.com/en-us/download/details.aspx?id=3205
https://www.microsoft.com/en-us/download/details.aspx?id=3404
https://www.microsoft.com/en-us/download/details.aspx?id=530
https://www.microsoft.com/en-us/download/details.aspx?id=5873
https://www.microsoft.com/en-us/download/details.aspx?id=6185
https://www.microsoft.com/en-us/download/details.aspx?id=6203
https://www.microsoft.com/en-us/download/details.aspx?id=7605

相关新闻