Go to computer terminal for registration
On May 15, 2019, JD Cloud Security Team monitored the emergency security patch released office by Microsoft and fixed remote execution code vulnerability (CVE-2019-0708) for Windows remote desktop service. One may directly obtain Windows server permission via this vulnerability.
If a remote execution code vulnerability exists in the remote JD WorkSpaces service (called terminal service previously), when an attacker without identity verification uses RDP to connect to the target system and sends a specially crafted request, since this vulnerability is a pre-identity verification not requiring user interaction, the attacker successfully using this vulnerability can execute any code in the target system, and then the attacker can install programs, view, modify or delete data, or create a new account with complete user permission.
[Vulnerability Number and Rating]
[Windows Version affected by ]
Windows Server 2008 R2
Windows Server 2008
Windows 7, users of Windows 2008 R2 and Windows 2008 will automatically receive the patch update push and will be updated automatically. Please keep Windows update open or update manually.
1. If unnecessary, please prohibit the remote JD WorkSpaces service.
2. Enable the network-level identity verification (NLA) on the system running versions supported by Windows 7, Windows Server 2008 and Windows Server 2008 R2
3. Configure block TCP port 3389 in Security Group
[Official Reference Link]
JD Cloud team2019-05-15 15:49:17