Threat Advisory: Critical Patch Released for ‘Wormable’ SMBv3 Vulnerability
March 13, 2020
Days after Microsoft’s March 2020 patch Tuesday, they have released a patch for a recent SMBv3 vulnerability (CVE-2020-0796). The Server Message Block (SMB) is a protocol used by file sharing, network browsing, printing services, and interprocess communication over a network. SMB-based exploits have previously been used in high-profile ransomware infections such as WannaCry and NotPetya.
This vulnerability can be exploited on SMBv3 Servers by an unauthenticated attacker sending a specially crafted packet to the targeted server. Exploiting against an SMBv3 Client involves the attacker configuring a malicious SMBv3 Server and convincing users to connect to it. Successful exploitation of this vulnerability grants the attacker the ability to execute code on the targeted server or client.
- Affected versions: Windows 10 1903/1909 and Windows Server 1903/1909.
To learn more about how Herjavec Group can help you secure your environment, please connect with us.