After the inadvertent leaking of details about a wormable Windows SMBv3 RCE flaw (CVE-2020-0796) on Tuesday, Microsoft has rushed to release a patch (i.e., security updates).
The flaw affects Windows 10 (versions 1903 and 1909) and Windows Server (1903 and 1909) installations, so admins who have those in their care are urged to implement the security updates right away.
Those who can’t should at least disable SMBv3 compression, block TCP port 445 at the enterprise perimeter firewall and prevent SMB traffic from lateral connections and entering or leaving the network. Guidance on how to do that has also been provided by Microsoft.
CVE-2020-0796 PoC exploits
CVE-2020-0796, al ..
Support the originator by clicking the read the rest link below.
