0x00 description 2019 5 August 31, 360 is detected on github someone posted a lead to a remote denial of Service POC code(https://github.com/n1xbyte/CVE-2019-0708)and for windows server 2008 R2 x64 demo video, the proven POC code real and effective. An attacker can use to spread the code of the system to a remote denial-of-service attack or to modify the code to achieve remote code execution effect. !
0x01 safety recommendations 1. Install 360 security guards a key update. 2. To avoid the Remote Desktop Services RDP, the default port is 3389 exposed on the public Internet, such as for remote operation and maintenance convenient and indeed necessary to open, you can use VPN to log in to access, and close the 445 and 139, and 135 and other unnecessary ports. 3. Use 360 provides RDP remote vulnerability Non-Destructive Testing Tool(https://free.360totalsecurity.com/CVE-2019-0708/detector_release.zip)internal and external network machine scan to detect and repair the loopholes in the machine. For the temporary can not be networked machine to use the 360 offline immunization tool(http://dl.360safe.com/leakfixer/360SysVulTerminator_CVE-2019-0708.exe)to detect the repair.