Security News > 2020 > June > SMBGhost Attacks Spotted Following Release of Code Execution PoC

SMBGhost Attacks Spotted Following Release of Code Execution PoC
2020-06-08 07:54

The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency has warned Windows users that a recently released proof-of-concept exploit for the vulnerability tracked as SMBGhost has been abused to launch attacks.

The flaw affects Windows 10 and Windows Server and it can be exploited for denial-of-service attacks, local privilege escalation, and arbitrary code execution.

Last week, a researcher who uses the online moniker Chompie released an SMBGhost exploit for remote code execution.

Chompie said the PoC was not reliable and that it would often cause the system to crash, but several experts have confirmed that the remote code execution exploit works.

Researchers previously warned that various pieces of malware had been exploiting SMBGhost to escalate privileges and spread locally, but it now appears that the vulnerability is also being exploited for remote code execution.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/Q-uL6W48xVg/smbghost-attacks-spotted-following-release-code-execution-poc