漏洞类别:Windows
漏洞等级: 
漏洞信息
ETERNALROMANCE is an exploit tool which uses remote SMBv1 vulnerabilities.
This information comes from the Shadow Brokers' "Equation Group" data dump.
This Zero Day is actively being exploited with the "ETERNALROMANCE" exploit.
Affected Microsoft Operating Systems:
Windows XP - End of life since April 8, 2014
Windows 2003 - End of life since April 11, 2017
Windows Vista - End of life since July 14, 2015
Windows 7
Windows 8
Windows 2008
Windows 2008 R2
漏洞危害
The tool "ETERNALCHAMPION" is being actively used to exploit SMBv1 vulnerabilities.
Successful exploitation of the vulnerability will lead to remote privilege escalation.
解决方案
There are no vendor supplied patches.
Microsoft recommends users to update to latest SMB version and stop using SMBv1.
Refer to Microsoft KB article KB2696547 for more details.
The following affected operating systems are End of Life and Microsoft provides no support.
Windows XP - End of life since April 8, 2014
Windows Vista - End of life since April 11, 2017
Windows 2003 - End of life since July 14, 2015
Workaround:
Blocking SMB traffic at the Firewall can reduce the attack vector.
Refer to KB3185535 for more information.
0day
文章评论