Security News > 2020 > March > Critical Patch Released for 'Wormable' SMBv3 Vulnerability — Install It ASAP!
Microsoft today finally released an emergency software update to patch the recently disclosed very dangerous vulnerability in SMBv3 protocol that could let attackers launch wormable malware, which can propagate itself from one vulnerable computer to another automatically.
The latest vulnerability, for which a patch update is now available on the Microsoft website, exists in the way SMBv3 protocol handles requests with compression headers, making it possible for unauthenticated remote attackers to execute malicious code on target servers or clients with SYSTEM privileges.
"To exploit the vulnerability against a server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against a client, an unauthenticated attacker would need to configure a malicious SMBv3 server and convince a user to connect to it," Microsoft said in the advisory.
As of today, there are nearly 48,000 Windows systems vulnerable to the latest SMB compression vulnerability and accessible over the Internet.
Since a patch for the wormable SMBv3 flaw is now available to download for affected versions of Windows, it's highly recommended for home users and businesses to install updates as soon as possible, rather than merely relying on the mitigation.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/GMJQcPS83NM/patch-wormable-smb-vulnerability.html
Related news
- VMware fixes critical vCenter RCE vulnerability, patch now (source)
- GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others (source)
- Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP (source)
- Check Point warns customers to patch VPN vulnerability under active exploitation (source)
- Exploit for critical Progress Telerik auth bypass released, patch now (source)
- Exploit for critical Veeam auth bypass available, patch now (source)
- Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability (source)
- SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately (source)
- Critical RCE Vulnerability Discovered in Ollama AI Infrastructure Tool (source)
- Exploit Attempts Recorded Against New MOVEit Transfer Vulnerability - Patch ASAP! (source)