Author: Luke Rummey

Date: 11th March 2020

 

Microsoft have just released a security advisory about a new critical vulnerability (CVE-2020-0796) in Microsoft Server Message Block 3.1.1 (SMBv3). Server Message Block (SMB) is a protocol used to share resources and data between and client and a server. It is very commonly found on internal networks for users to authenticate and share files using a central server.

According to Microsoft this bug is wormable, meaning it can spread automatically between computers. This is similar to the vulnerability which was used by the WannaCry ransomware which took down parts of the NHS in 2017.

Very little information is currently known about this new flaw and the time it takes before a working exploit is created is unknown. If the vulnerability is easy to exploit, we could see real attacks in the wild, possibly, as soon as the end of the week.

Microsoft have not yet released a patch for this vulnerability, but we expect one to be released very soon. In the meantime, they have released a workaround (see below).

UPDATE 12/03/2020: Microsoft has now released a patch for this issue. Users who have already installed the updates released on March 10, 2020 for the affected operating systems should install KB4551762 to be protected from this vulnerability.

The following versions of Microsoft Windows and Windows Server are affected.

  • Windows Server Version 1903 (Server Core Installation)
  • Windows Server Version 1909 (Server Core Installation)
  • Windows 10 Version 1903 for 32-bit Systems
  • Windows 10 Version 1903 for ARM64-based Systems
  • Windows 10 Version 1903 for x64-based Systems
  • Windows 10 Version 1909 for 32-bit Systems
  • Windows 10 Version 1909 for ARM64-based Systems
  • Windows 10 Version 1909 for x64-based Systems
 

Other resources

Cyberfort Colocation Services

Cyberfort has invested heavily in secure infrastructure, making us the perfect colocation service provider to host your mission-critical, sensitive and regulated data.
Find out more >

What can Cyberfort do for you?

Check out our factsheets for detailed information on the matrix of cybersecurity products and services we offer to protect your business.
Find out more >

Cyberfort Deep Dives

Cyberfort’s cybersecurity consultants explore issues in cyber threat intelligence, incident planning and data security. Read our whitepapers to help make decisions that benefit your business.
Find out more >

Receive knowledge to your inbox