CVE-2019-0708 PoC — Microsoft Remote Desktop Services 资源管理错误漏洞

Source

https://github.com/fourtwizzy/CVE-2019-0708-Check-Device-Patch-Status

Associated Vulnerability

Title:Microsoft Remote Desktop Services 资源管理错误漏洞 (CVE-2019-0708)
Description:A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

Description

Powershell script to run and determine if a specific device has been patched for CVE-2019-0708.  This checks to see if the termdd.sys file has been updated appropriate and is at a version level at or greater than the versions released in the 5/14/19 patches.

Readme

# CVE-2019-0708-Vulnerability-Scanner
Powershell script to run and determine if a specific device has been patched for CVE-2019-0708.  This checks to see if the termdd.sys file has been updated appropriate and is at a version level at or greater than the versions released in the 5/14/19 patches.


All termdd.sys versions were confirmed by Qualys
https://www.qualys.com/research/security-alerts/2019-05-14/microsoft/

"For CVE-2019-0708


The following versions of termdd.sys with their corresponding KBs are verified:

KB4500331 - 5.1.2600.7701, 5.2.3790.6787 

KB4499149 - 6.0.6003.20514 

KB4499180 - 6.0.6003.20514 

KB4499164 - 6.1.7601.24441 

KB4499175 - 6.1.7601.24441"

File Snapshot

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!