Threat Advisory: Critical Patch Released for ‘Wormable’ SMBv3 Vulnerability

March 13, 2020

Overview

Days after Microsoft’s March 2020 patch Tuesday, they have released a patch for a recent SMBv3 vulnerability (CVE-2020-0796). The Server Message Block (SMB) is a protocol used by file sharing, network browsing, printing services, and interprocess communication over a network. SMB-based exploits have previously been used in high-profile ransomware infections such as WannaCry and NotPetya.

Technical Details

This vulnerability can be exploited on SMBv3 Servers by an unauthenticated attacker sending a specially crafted packet to the targeted server. Exploiting against an SMBv3 Client involves the attacker configuring a malicious SMBv3 Server and convincing users to connect to it. Successful exploitation of this vulnerability grants the attacker the ability to execute code on the targeted server or client.

  • Affected versions: Windows 10 1903/1909 and Windows Server 1903/1909.
References

To learn more about how Herjavec Group can help you secure your environment, please connect with us.


About Herjavec Group

Dynamic entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. We have been recognized as one of the world’s most innovative cybersecurity operations leaders, and excel in complex, multi-technology environments. Our service expertise includes Advisory Services, Technology Architecture & Implementation, Identity Services, Managed Security Services, Threat Management and Incident Response. Herjavec Group has offices and Security Operations Centers across the United States, United Kingdom and Canada.

Stay Informed

Follow us on Twitter

Connect with us on LinkedIn