Security News > 2020 > October > Microsoft’s SMBGhost Flaw Still Haunts 108K Windows Systems
More than 100,000 Windows systems have not yet been updated to protect against a previously-patched, critical and wormable flaw in Windows called SMBGhost.
Microsoft patched the remote code-execution flaw bug tracked as CVE-2020-0796 back in March; it affects Windows 10 and Windows Server 2019, and ranks 10 out of 10 on the CVSS scale.
According to Kopriva, many of these vulnerable systems are in Taiwan, Japan, Russia and the U.S. Microsoft released its fix, KB4551762, as an update for Windows 10 and Windows Server 2019.
The chart below shows the number of vulnerable systems that are open to SMBGhost.
The pressure is on for system administrators to patch their systems against SMBGhost, with various proof of concepts for the flaw being released over the past few months.
News URL
https://threatpost.com/microsofts-smbghost-flaw-108k-windows-systems/160682/
Related news
- Microsoft: Windows Server 2025 restarts break connectivity on some DCs (source)
- Microsoft: New Windows updates fix Active Directory policy issues (source)
- Microsoft tells Windows users to ignore 0x80070643 WinRE errors (source)
- Microsoft: Some devices offered Windows 11 upgrades despite Intune blocks (source)
- Microsoft fixes Windows Server 2025 blue screen, install issues (source)
- Microsoft fixes Remote Desktop freezes caused by Windows updates (source)
- Microsoft pitches pay-to-patch reboot reduction subscription for Windows Server 2025 (source)
- Microsoft: Windows Server hotpatching to require subscription (source)
- Microsoft: Windows 11 24H2 updates fail with 0x80240069 errors (source)
- Microsoft: Windows 11 24H2 now ready to rollout to everyone (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-12 | CVE-2020-0796 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'. | 10.0 |