Threat Advisory: Critical Patch Released for ‘Wormable’ SMBv3 Vulnerability

March 13, 2020

Overview

Days after Microsoft’s March 2020 patch Tuesday, they have released a patch for a recent SMBv3 vulnerability (CVE-2020-0796). The Server Message Block (SMB) is a protocol used by file sharing, network browsing, printing services, and interprocess communication over a network. SMB-based exploits have previously been used in high-profile ransomware infections such as WannaCry and NotPetya.

Technical Details

This vulnerability can be exploited on SMBv3 Servers by an unauthenticated attacker sending a specially crafted packet to the targeted server. Exploiting against an SMBv3 Client involves the attacker configuring a malicious SMBv3 Server and convincing users to connect to it. Successful exploitation of this vulnerability grants the attacker the ability to execute code on the targeted server or client.

  • Affected versions: Windows 10 1903/1909 and Windows Server 1903/1909.
References

To learn more about how Herjavec Group can help you secure your environment, please connect with us.


Take the First Step
In Transforming Your Cybersecurity Program

Enterprise security teams are adapting to meet evolving business needs. With 5 global Security Operations Centers, emerging technology partners and a dedicated team of security specialists, Herjavec Group is well-positioned to be your organization’s trusted advisor in cybersecurity. We’ll help you understand your risk exposure, increase your visibility and ROI, and proactively hunt for the latest threats.

Book a Free Consultation

Stay Informed

Follow us on Twitter
Connect with us on LinkedIn