Time to patch! Serious smb3 vulnerability – CVE-2020-0796

It’s that time again, Microsoft’s patch Tuesday. This week, however, Microsoft has released an emergency out-of-band hotfix for Windows 10 and Windows Server 2019. This hotfix is for the smb3 vulnerability CVE-2020-0796, which addresses a wormable vulnerability that affects the SMB3 protocol.

The fix is available for Windows 10 1903 and above and for Windows Server 2019 1903 and above, so make sure that all your systems are updated and are running current versions of Windows as soon as possible.

The emergency update released by Microsoft fixes a vulnerability within the Server Message Block (SMB), which is a protocol that allows devices on a network to talk to each other, such as printers and saving documents to network devices.

The bug, when exploited allows attackers to establish connections to systems where SMB is enabled and the attempt to run some malicious code that will use SYSTEM level permissions, which in turn will allow for a system takeover.

If you are unable to patch your machines straight away, Microsoft provides some guidance on how to remediate the attack vector, by disabling SMB3.  You can find this information here.

As always, make sure you are running updated versions of software and ensure that you have a regular patch cycle., as per Cyber Essentials guidelines.