Дата обнаружения
|
14/05/2019 |
Уровень угрозы
|
Critical |
Описание
|
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities:
|
Эксплуатация
|
The following public exploits exists for this vulnerability: https://github.com/syriusbughunt/CVE-2019-0708 https://github.com/Barry-McCockiner/CVE-2019-0708 https://github.com/ShadowBrokers-ExploitLeak/CVE-2019-0708 https://github.com/safly/CVE-2019-0708 https://github.com/Jaky5155/cve-2019-0708-exp https://github.com/fourtwizzy/CVE-2019-0708-Check-Device-Patch-Status https://github.com/303sec/CVE-2019-0708 https://github.com/f8al/CVE-2019-0708-POC https://github.com/blockchainguard/CVE-2019-0708 https://github.com/haoge8090/CVE-2019-0708 https://github.com/yushiro/CVE-2019-0708 https://github.com/skyshell20082008/CVE-2019-0708-PoC-Hitting-Path https://github.com/ttsite/CVE-2019-0708- https://github.com/ttsite/CVE-2019-0708 https://github.com/biggerwing/CVE-2019-0708-poc https://github.com/n1xbyte/CVE-2019-0708 https://github.com/freeide/CVE-2019-0708 https://github.com/edvacco/CVE-2019-0708-POC https://github.com/pry0cc/BlueKeepTracker https://github.com/zjw88282740/CVE-2019-0708-win7 https://github.com/zerosum0x0/CVE-2019-0708 https://github.com/herhe/CVE-2019-0708poc https://github.com/l9c/rdp0708scanner https://github.com/major203/cve-2019-0708-scan https://github.com/SugiB3o/Check-vuln-CVE-2019-0708 https://github.com/gobysec/CVE-2019-0708 https://github.com/adalenv/CVE-2019-0708-Tool https://github.com/smallFunction/CVE-2019-0708-POC https://github.com/freeide/CVE-2019-0708-PoC-Exploit https://github.com/robertdavidgraham/rdpscan https://github.com/closethe/CVE-2019-0708-POC https://github.com/Rostelecom-CERT/bluekeepscan https://github.com/Leoid/CVE-2019-0708 https://github.com/ht0Ruial/CVE-2019-0708Poc-BatchScanning https://github.com/oneoy/BlueKeep https://github.com/infiniti-team/CVE-2019-0708 https://github.com/haishanzheng/CVE-2019-0708-generate-hosts https://github.com/Ekultek/BlueKeep https://github.com/UraSecTeam/CVE-2019-0708 https://github.com/Gh0st0ne/rdpscan-BlueKeep https://github.com/algo7/bluekeep_CVE-2019-0708_poc_to_exploit https://github.com/JasonLOU/CVE-2019-0708 https://github.com/shun-gg/CVE-2019-0708 https://github.com/AdministratorGithub/CVE-2019-0708 https://github.com/umarfarook882/CVE-2019-0708 https://github.com/HynekPetrak/detect_bluekeep.py https://github.com/Wileysec/CVE-2019-0708-Batch-Blue-Screen https://github.com/Pa55w0rd/CVE-2019-0708 https://github.com/at0mik/CVE-2019-0708-PoC https://github.com/cream-sec/CVE-2019-0708-Msf— https://github.com/wdfcc/CVE-2019-0708 https://github.com/cvencoder/cve-2019-0708 https://github.com/ze0r/CVE-2019-0708-exp https://github.com/mekhalleh/cve-2019-0708 https://github.com/cve-2019-0708-poc/cve-2019-0708 https://github.com/andripwn/CVE-2019-0708 https://github.com/0xeb-bp/bluekeep https://github.com/ntkernel0/CVE-2019-0708 https://github.com/turingcompl33t/bluekeep https://github.com/fade-vivida/CVE-2019-0708-test https://github.com/skommando/CVE-2019-0708 https://github.com/davidfortytwo/bluekeep https://github.com/tranqtruong/Detect-BlueKeep Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details. |
Пораженные продукты
|
Windows Server 2016 (Server Core installation) |
Решение
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
Первичный источник обнаружения
|
CVE-2019-0734 CVE-2019-0918 CVE-2019-0889 CVE-2019-0885 CVE-2019-0884 CVE-2019-0882 CVE-2019-0881 CVE-2019-0758 CVE-2019-0863 CVE-2019-0890 CVE-2019-0961 CVE-2019-0898 CVE-2019-0899 CVE-2019-0930 CVE-2019-0921 CVE-2019-0708 CVE-2019-0891 CVE-2019-0893 CVE-2019-0902 CVE-2019-0903 CVE-2019-0896 CVE-2019-0895 CVE-2019-0936 CVE-2019-0897 CVE-2019-0900 CVE-2019-0725 CVE-2019-0894 CVE-2019-0901 ADV190013 |
Оказываемое влияние
?
|
ACE
[?]
OSI
[?]
PE
[?]
SUI
[?]
|
Связанные продукты
|
Microsoft Internet Explorer Microsoft Windows Microsoft Windows Server Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Server 2008 Windows RT Microsoft Windows 10 Microsoft Edge |
CVE-IDS
|
CVE-2019-09214.3Warning
CVE-2019-09187.6Critical CVE-2019-08847.6Critical CVE-2019-09304.3Warning CVE-2019-08959.3Critical CVE-2019-08899.3Critical CVE-2019-08637.2High CVE-2019-07584.3Warning CVE-2019-08919.3Critical CVE-2019-09367.2High CVE-2019-09009.3Critical CVE-2019-09614.3Warning CVE-2019-09039.3Critical CVE-2019-08859.3Critical CVE-2019-08949.3Critical CVE-2019-08939.3Critical CVE-2019-09029.3Critical CVE-2019-08969.3Critical CVE-2019-08824.3Warning CVE-2019-08979.3Critical CVE-2019-07257.5Critical CVE-2019-09019.3Critical CVE-2019-08989.3Critical CVE-2019-07349.3Critical CVE-2019-08909.3Critical CVE-2019-08817.2High CVE-2019-08999.3Critical |
KB list
|
4499164 |