Infosecurity Group Websites

Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more
Latest
News

Microsoft Forced to Patch Leaked Wormable SMB Flaw

Microsoft has been forced to patch a vulnerability in the Server Message Block (SMB) protocol which was accidentally disclosed by some of its security partners earlier this week.

The fix, KB4551762, is an update for Windows 10, versions 1903 and 1909, and Windows Server 2019, versions 1903 and 1909.

It addresses a remote code execution (RCE) vulnerability in the way SMBv3 handles certain requests, which could allow an attacker to execute code on a victim’s server or client.

“To exploit the vulnerability against a server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against a client, an unauthenticated attacker would need to configure a malicious SMBv3 server and convince a user to connect to it,” Microsoft explained.

“The security update addresses the vulnerability by correcting how the SMBv3 protocol handles these specially crafted requests.”

According to SophosLabs, the flaw, dubbed SMBGhost, could be used in a number of different ways and is potentially wormable — i.e. it doesn’t require user interaction to spread.

That draws unhappy parallels with another wormable SMB bug which was exploited back in 2017 by the WannaCry attackers. However, the number of impacted machines in this case appears to be far fewer.

Security vendor Kryptos Logic claimed that around 48,000 servers are vulnerable to the new vulnerability, although it didn’t scan for exposed clients.

The patch was rushed out by Microsoft just days after its monthly update round, after a backroom error meant some of the tech giant’s security partners on its Microsoft Active Protections Program released details of the vulnerability.

Redmond was right to take action, as researchers are already publishing proof-of-concept exploits online.

This month’s Patch Tuesday was a big one for sysadmins, fixing 115 unique CVEs including 26 critical bugs.

Related to This Story

What’s Hot on Infosecurity Magazine?

1
News

Misconfiguration Accounts for 82% of Security Vulnerabilities

2
News

First 100,000 Victims of Western Union Fraud Scheme Receive $153m

3
News

Los Angeles Utility Accused of Cybersecurity Coverup

4
News

Teenage Hacker Could Receive 600-Year Jail Term

5
News

Federal Report: US Facing “Catastrophic” Cyber-Attack

6
News

Eight Million Shopper Records Leaked Online

1
News

US Scraps Missiles Over Cybersecurity Concerns

2
News

Info-Stealing Coronavirus Threat Map Detected

3
News

Threat-Thwarting Guidance Published for Cargo Ships

4
News

Chelsea Manning Released After Testimony Deemed No Longer Necessary

5
News

Volusion Magecart Breach Could Net Fraudsters $130m+

6
News

Microsoft Forced to Patch Leaked Wormable SMB Flaw

1
Webinar

2FA or MFA: Which Authentication is Right for Your Business?

2
Webinar

How to Build a Program to Manage Your Third Parties and Supply Chain

3
Webinar

Leveraging ISO 27001 to Manage Cyber & Information Security Risks

4
Webinar

Avoiding the Security Pitfalls of Digital Transformation

5
Webinar

Make Your Own Security Superstars: Scale and Upskill Your Security Team

6
Webinar

Why Remediation Needs to be Part of Your Vulnerability Management Program

1
Blog

Linux Kernel Live Patching: What It Is and Who Needs It

2
Interview

#InternationalWomensDay Interview: Stina Ehrensvärd, Yubico

3
Blog

Coronavirus and the Cybersecurity Threat Landscape

4
Opinion

#HowTo Be Sure You Choose a Safe and Secure Hosting Provider

5
Interview

#InternationalWomensDay Interview: Limor Kessem, Executive Security Advisor, IBM Security

6
Blog

Security by Sector: 148% Increase in Cyber-Attacks on The Pensions Regulator in 2019