Security News > 2020 > October > Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems
More than 100,000 Windows systems have not yet been updated to protect against a previously-patched, critical and wormable flaw in Windows called SMBGhost.
Microsoft patched the remote code-execution flaw bug tracked as CVE-2020-0796 back in March; it affects Windows 10 and Windows Server 2019, and ranks 10 out of 10 on the CVSS scale.
According to Kopriva, many of these vulnerable systems are in Taiwan, Japan, Russia and the U.S. Microsoft released its fix, KB4551762, as an update for Windows 10 and Windows Server 2019.
The chart below shows the number of vulnerable systems that are open to SMBGhost.
The pressure is on for system administrators to patch their systems against SMBGhost, with various proof of concepts for the flaw being released over the past few months.
News URL
https://threatpost.com/microsofts-smbghost-flaw-108k-windows-systems/160682/
Related news
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- Microsoft expands testing of Windows 11 admin protection feature (source)
- Microsoft starts force upgrading Windows 11 22H2, 23H3 devices (source)
- Microsoft fixes Office 365 apps crashing on Windows Server systems (source)
- Microsoft removes Assassin’s Creed Windows 11 upgrade blocks (source)
- Microsoft fixes Windows Server 2022 bug breaking device boot (source)
- Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-12 | CVE-2020-0796 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Windows 10 and Windows Server 2016 A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'. | 10.0 |