Security News > 2020 > March > Microsoft patches wormable Windows 10 ‘SMBGhost’ flaw
In the case of the critical Windows 10 Server Message Block vulnerability left unpatched in March's otherwise bumper Windows Patch Tuesday update, the answer is two days.
That's how long it took Microsoft to change its mind about releasing a fix after news of the remote code execution flaw leaked in now-deleted vendor posts and word spread to customers.
To exploit the vulnerability against an SMB Server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 Server.
1.1 compression on servers and blocking port 445 using firewalls - Microsoft has now issued a patch, KB4551762.
The issue only affects 32/64-bit Windows 10 and Server versions 1903 and 1909 because earlier versions don't support the affected SMBv3.
News URL
https://nakedsecurity.sophos.com/2020/03/16/microsoft-patches-wormable-windows-10-smbghost-flaw/
Related news
- Microsoft fixes Windows 10 bug causing apps to stop working (source)
- Microsoft just killed the Windows 10 Beta Channel again (source)
- Microsoft just killed the Windows 10 Beta Channel for good (source)
- Microsoft pulls WinAppSDK update breaking Windows 10 app uninstalls (source)
- Microsoft fixes Windows KB5043145 reboot loops, USB and Bluetooth issues (source)
- What Is Inside Microsoft’s Major Windows 11 Update? (source)
- Microsoft warns of Windows 11 24H2 gaming performance issues (source)
- Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)
- Windows 10 KB5044273 update released with 9 fixes, security updates (source)