Microsoft released the KB4551762 security update to patch the RCE vulnerability found in Microsoft SMBv3 a couple of days after the flaw was disclosed as part of the March 2020 Patch Tuesday.
The Windows SMBv3 Remote Code Execution vulnerability, tracked as CVE-2020-0796 and dubbed as SMBGhost, allows a remote and unauthenticated hacker to execute the arbitrary code on an exposed device.
Microsoft stated that: „To exploit the vulnerability against a server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against a client, an unauthenticated attacker would need to configure a malicious SMBv3 server and convince a user to connect to it.“
Microsoft originally planned to fix the flaw as part of its March 2020 Patch Tuesday update but pulled the plug at the last minute. Now the tech giant followed up with KB4551762 to fix the SMBGhost Vulnerability.
UPDATE: they have found a new SMB vulnerability in the Patch Tuesday June 2020 update.
What is SMBv3?
SMB is an abbreviation for Server Message Block. It’s a protocol used by Windows in order to share files, printers, communications and more between devices.
It’s Server Message Block version 3.1.1 (SMBv3) that causes problems, as an attacker simply needs to connect to a vulnerable Windows machine using SMBv3 or by initiating a client connection to an SMBv3 server.
Discover Assets Vulnerable to SMBGhost
Lansweeper issued a custom SMBv3 Vulnerability Audit Report that gives you an overview of all affected devices and their patch status.
If you haven’t already, start your free Lansweeper trial to run the custom Vulnerability Report.