Skip to main content

Microsoft Patches SMBv3 Bug

by Chris Brook on Thursday March 12, 2020

Contact Us
Free Demo
Chat

Microsoft issued an out-of-band security update for a critical SMB bug (CVE-2020-0796) on Thursday.

As some expected, Microsoft on Thursday pushed out a patch for a vulnerability in the SMBv3 protocol that was disclosed earlier this week.

The fix, KB4551762, resolves CVE-2020-0796, a critical vulnerability in Microsoft's SMBv3 implementation. SMB, or Server Message Block, is a network file sharing protocol Windows primarily uses to share files, printers, and serial ports.

The vulnerability, a remote code execution vulnerability, could allow a remote attacker to exploit SMBv3, or 3.1.1, to take control of an affected system.

To exploit the vulnerability against a server, Microsoft says an attacker would just need to send a specially crafted packet to a targeted SMBv3 server. To exploit a client, an unauthenticated attacker would need to configure a malicious SMBv3 server and convince a user to connect to it.

There was concern earlier this week that the bug could be “wormable” a la the bugs that led to WannaCry, NotPetya, and BlueKeep if exploited after it went unpatched on Tuesday, when Microsoft issued an advisory.

As a workaround, Microsoft's advisory on the vulnerability, ADV200005, initially suggested disabling SMBv3 compression to block unauthenticated attackers from exploiting the vulnerability against an SMBv3 server with a PowerShell script.

Alternatively, Microsoft also suggested admins block TCP port 445 and preventing SMB traffic from lateral connections.

The vulnerability is present in 32- and 64-bit Windows 10 version 1903 and 1909 for desktops and servers.

Experts on Thursday pressed users to either update as soon as possible or apply the workaround.

Tags:  Vulnerabilities

Recommended Resources

The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss Prevention

All the essential information you need about DLP in one eBook.

6 Cybersecurity Thought Leaders on Data Protection
6 Cybersecurity Thought Leaders on Data Protection

Expert views on the challenges of today & tomorrow.

Digital Guardian Technical Overview
Digital Guardian Technical Overview

The details on our platform architecture, how it works, and your deployment options.