ºü¸¥ ¸Þ´º
  ¼¼±Ý°è»ê¼­/¿µ¼öÁõ ¹ß±Þ
  ¿ä±Ý ³³ºÎ/¹Ì³³ Á¶È¸
°øÁö ¹× ¾È³»
  °øÁö»çÇ×
  ÀÛ¾÷°øÁö
À̺¥Æ® ¹× ½Å±Ô¼­ºñ½º
  À̺¥Æ®
  ½Å±Ô ¼­ºñ½º
»ó´ã ¹× ¹®ÀÇ
  ÀÚÁÖ ¹¯´Â Áú¹®
  1:1Áú¹®°ú ´äº¯
  ¹®ÀǸÞÀÏ º¸³»±â
  °í°´»ó´ã ÀüÈ­¹øÈ£ ¾È³»
»ç¿ë¹ý ¾È³»
  ¼­ºñ½º »ç¿ë¹ý
°í°´ÀÇ ¼Ò¸®
  ĪÂùÇÕ´Ï´Ù
  Best ĪÂù»ç¿ø
  Á¦¾ÈÇÕ´Ï´Ù
  Á¦¾È ¹Ý¿µ ³»¿ª
BlueCGI ºÒ·®»ç¿ëÀÚ ½Å°í
ºí·çÀ¥ ÄÝ¹é ¼­ºñ½º

ÀÛ¾÷°øÁö Ȩ > °øÁö ¹× ¾È³» > ÀÛ¾÷°øÁö
Á¦¸ñ À©µµ¿ì RDP ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ ¾Ç¿ë ÄÚµå °ø°³¿¡ µû¸¥ º¸¾È °­È­ ±Ç°í µî·ÏÀÏ 2019-05-16
³»¿ë

¾È³çÇϼ¼¿ä. (ÁÖ)ºí·çÀ¥ÀÔ´Ï´Ù.

 
MS»çÀÇ À©µµ¿ì RDP ¿ø°Ý½ÇÇàÄÚµå Ãë¾àÁ¡ ¾Ç¿ë ÄÚµå(°³³äÁõ¸íÄÚµå, Proof of Concept, Poc)°¡ ÀÎÅÍ³Ý »ó¿¡ °ø°³µÇ¾î ÇÇÇØ ¿¹¹æÀ» À§ÇÑ º¸¾È °øÁö ¾È³»µå¸³´Ï´Ù.

 

 ¡à °³¿ä
 o ÃÖ±Ù ¿øµµ¿ì RDP ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡(CVE-2019-0708)À» ¾Ç¿ëÇÒ ¼ö ÀÖ´Â °³³äÁõ¸íÄÚµå(Proof of concept code, PoC)°¡ ÀÎÅÍ³Ý»ó¿¡ °ø°³µÇ¾î À©µµ¿ì »ç¿ëÀÚÀÇ º¸¾È °­È­ ÇÊ¿ä

¡Ø °³³äÁõ¸íÄÚµå : Ãë¾àÁ¡À» Áõ¸í/°ËÁõÇÒ ¼ö ÀÖ´Â ÇÁ·Î±×·¥ ¶Ç´Â ¼Ò½ºÄÚµå

¡Ø ±â¼úÁö¿øÀÌ Á¾·áµÈ Windows XP, Windows Server 2003±îÁö º¸¾È¾÷µ¥ÀÌÆ® Á¦°ø

 
 ¡à ÁÖ¿ä ³»¿ë

 o À©µµ¿ì RDP ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡(CVE-2019-0708)¸¦ ¾Ç¿ëÄڵ尡 ÀÎÅÍ³Ý»ó¿¡ °ø°³µÇ¾î ¼­ºñ½º °ÅºÎ °ø°Ý ¹× ·£¼¶¿þ¾î °¨¿° µî¿¡ ¾Ç¿ëµÉ ¼ö ÀÖÀ½

 o À©µµ¿ì ¿ø°Ý µ¥½ºÅ©Åé ÇÁ·ÎÅäÄÝ(Remote Desktop Protocol, RDP) ¼­ºñ½º(±âº»Æ÷Æ®:3389)°¡ ½ÇÇàµÇ°í ÀÖ°í ÃֽŠº¸¾È ¾÷µ¥ÀÌÆ®°¡ Àû¿ëµÇ¾î ÀÖÁö ¾ÊÀ» °æ¿ì °ø°Ý À§Çè¿¡ ³ëÃâ

 o Ãë¾àÁ¡¿¡ ¿µÇâ¹Þ´Â À©µµ¿ì Á¦Ç°À» ÀÌ¿ëÇÏ´Â °¢ ±â°ü, ±â¾÷ ¹× ÀÏ¹Ý »ç¿ëÀÚ´Â ÇØ´ç Ãë¾àÁ¡¿¡ ³ëÃâµÇÁö ¾Êµµ·Ï º¸¾È ¾÷µ¥ÀÌÆ® Àû¿ë ¹× RDP º¸¾È °­È­ ÇÊ¿ä

 

< Ãë¾àÁ¡¿¡ ¿µÇâ ¹Þ´Â À©µµ¿ì Á¦Ç°>

- Windows XP SP3 x86

 - Windows XP Professional x64 Edition SP2

- Windows XP Embedded SP3 x86

- Windows Server 2003 SP2 x86

- Windows Server 2003 x64 Edition SP2

- Windows 7 for 32-bit Systems Servi! ce Pack 1

- Windows 7 for x64-based Systems Service Pack 1

- Windows Server 2008 for 32-bit Systems Service Pack 2

- Windows Server 2008 for x64-based Systems Service Pack 2

- Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1

- Windows Server 2008 R2 for x64-based Systems Service Pack 1


 
¡à ´ëÀÀ ¹æ¾È
 o À©µµ¿ì OS¿¡ ´ëÇÑ ÃֽŠº¸¾È ¾÷µ¥ÀÌÆ® Àû¿ë(KISA º¸¾È°øÁö 1193¹ø Âü°í)

 o RDP »ç¿ëÇÏÁö ¾ÊÀ» ½Ã, ¼­ºñ½º ºñÈ°¼ºÈ­

 o RDP »ç¿ëÀÌ ºÒ°¡ÇÇÇÒ ½Ã, Àΰ¡µÈ °ü¸®ÀÚ IPÁÖ¼Ò¿¡¼­¸¸ À©µµ¿ì RDP¸¦ Á¢±ÙÇÒ ¼ö ÀÖµµ·Ï ¹æÈ­º® µîÀ» ÅëÇÑ Á¢±Ù ÅëÁ¦ °­È­ ¹× ±âº» Æ÷Æ® ¹øÈ£(3389)¸¦ ´Ù¸¥ Æ÷Æ®·Î º¯°æÇÏ¿© »ç¿ë

 o  ¹é½Å ¼³Ä¡ ¹× Á¤±âÀûÀ¸·Î ÃֽŠ¾÷µ¥ÀÌÆ® ¼öÇà


¡à ¹®ÀÇ»çÇ×

 o ¸¶ÀÌÅ©·Î¼ÒÇÁÆ® ÄÚ¸®¾Æ °í°´¼¾ÅÍ: 1577-9700

 o Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ: ±¹¹ø¾øÀÌ 118


[Âü°í»çÀÌÆ®]
[1]
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0708

[2] https://support.microsoft.com/en-us/help/4500705/customer-guidance-for-cve-2019-0708

 

 
°¨»çÇÕ´Ï´Ù.

  



Á¤º¸º¸È£¾ÈÀüÁø´ÜÇÊÁõ ȹµæ Çѱ¹ÀÎÅͳÝÁøÈï¿ø °øÀÎ µµ¸ÞÀÎ µî·Ï´ëÇàÀÚ tucows kt idc sk idc
 
ºí·çÀ¥
¢ßÀ¯´ÏÆÄÀÌ ¼­¿ïƯº°½Ã ¼ºµ¿±¸ ±¤³ª·ç·Î 144, ´õ ½ºÆäÀ̽º Ÿ¿ö 7Ãþ, 13Ãþ (º»Á¡)
´ëÇ¥ÀÌ»ç : ÀÓ¼ºÈ£ »ç¾÷ÀÚµî·ÏÁõ¹øÈ£ : 106-81-85951 Åë½ÅÆǸž÷ ½Å°í¹øÈ£ : °­³² 3315È£ °³ÀÎÁ¤º¸º¸È£Ã¥ÀÓÀÚ : ÀÌÃæÈñ
Copyright¨Ï Blueweb All rights Reserved.