Microsoft patches SMBv3 wormable bug


Microsoft released the patch for the critical wormable SMBv3 vulnerability which was accidentally leaked earlier this week during the March 2020 Patch Tuesday preamble.

The patch is available as KB4551762, an update for Windows 10, versions 1903 and 1909, and Windows Server 2019, versions 1903 and 1909.

This update fixes the vulnerability CVE-2020-0796 called as SMBGhost that was found in Server Message Block, a protocol for sharing files, printers, and other resources on local networks and the Internet.

This bug permits a cybercriminal to connect to remote systems where the SMB service is enabled and run malicious code with SYSTEM privileges, allowing for remote takeovers of vulnerable systems.

Due to some miscommunication between Microsoft and some antivirus vendors, the details regarding this bug was leaked online earlier this week.

According to the antivirus vendors, the bug could be used to develop self-spreading SMB worms.

Microsoft was not actually planning to release fixes this month, but was forced to do so after the leak of the bug.

Several security researchers have developed basic proof-of-concept demos for the bug, demonstrating how they used the vulnerability to cause crashes on vulnerable machines.

The tech giant stated that the vulnerability only affects Windows 10 and Windows Server 2019 (both v1903 and v1909) systems.

Cyber-security firm Kryptos Logic reported that they have identified around 48,000 hosts across the internet that had the SMB port exposed to the internet and were vulnerable to potential attacks using this bug.

The users can install the updates and for those who can’t install the patch right away, detailed mitigation advice has been provided by the company in a separate security advisory.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News

    Beware of fake Coronavirus Maps

    Previous article

    Breached Volusion card surfaces on the dark web

    Next article

    You may also like


    Leave a reply

    Your email address will not be published. Required fields are marked *