Microsoft quickly releases patch for wormable SMB flaw
Flaw was leaked yesterday and fixed today
Yesterday, Microsoft prematurely leaked details surrounding a pre-auth RCE Windows 10 vulnerability found in Microsoft Server Message Block 3.1.1 (SMBv3). Today, it has a patch to rectify the flaw.
Microsoft announced the release of the KB4551762 security update, which will repair the vulnerability that allowed attackers to exploit the remote code execution found in SMBv3 by sending a specially-crafted packet to the targeted SMBv3 server. Microsoft says it has not observed any attacks exploiting the vulnerability created by the Microsoft Server Message Block 3.1.1 (SMBv3) flaw. Still, it is advising everyone running Windows 10 version 1903 or 1909 install the update.
If you have a Windows 10 machine with version 1903 or 1909 or run Windows Server 1903/1909 and have automatic updates enabled, the latest patch has already been pushed to your device. If you manually install updates, you’ll want to download the newest update from the Microsoft Security Update Guide and apply it.
Microsoft also notes that you’ll need to install this update, even if you’ve “installed the security update released on March 10, 2020 or applied the workaround in Microsoft Security Advisory ADV200005.”
Security analytics for your multi-cloud deployments
IBM Security QRadar SIEM solution briefDownload now
Five reasons to move to the cloud
Join the enterprises moving their workloads to the cloudDownload now
Architecting hybrid IT and edge for digital advantage
Why business leaders should consider a hybrid IT strategyDownload now
Six reasons to accelerate remote asset monitoring with AI
How to optimise resources, increase productivity, and grow profit margins with AIDownload now