CVE-2019-0708 PoC — Microsoft Remote Desktop Services 资源管理错误漏洞

Source

Associated Vulnerability

Description

Powershell script to run and determine if a specific device has been patched for CVE-2019-0708.  This checks to see if the termdd.sys file has been updated appropriate and is at a version level at or greater than the versions released in the 5/14/19 patches.

Readme

# CVE-2019-0708-Vulnerability-Scanner
Powershell script to run and determine if a specific device has been patched for CVE-2019-0708.  This checks to see if the termdd.sys file has been updated appropriate and is at a version level at or greater than the versions released in the 5/14/19 patches.


All termdd.sys versions were confirmed by Qualys
https://www.qualys.com/research/security-alerts/2019-05-14/microsoft/

"For CVE-2019-0708


The following versions of termdd.sys with their corresponding KBs are verified:

KB4500331 - 5.1.2600.7701, 5.2.3790.6787 

KB4499149 - 6.0.6003.20514 

KB4499180 - 6.0.6003.20514 

KB4499164 - 6.1.7601.24441 

KB4499175 - 6.1.7601.24441"

File Snapshot

 [4.0K]  /data/pocs/04eae63f5e1923238bb0712b1840977de1405e83
├── [ 14K]  Get-TermDDVersion.ps1
├── [7.5K]  LICENSE
└── [ 679]  README.md

0 directories, 3 files

Remarks