Time to patch! Serious SMBv3 bug – CVE-2020-0796
Its that time again, Microsoft’s patch Tuesday. This week, however, Microsoft has released an emergency out-of-band hotfix for Windows 10 and Windows Server 2019. This hotfix is for the vulnerability CVE-2020-0796, which addresses a wormable vulnerability which affects the SMBv3 protocol.
The fix is available for Windows 10 1903 and above and for Windows Server 2019 1903 and above, so make sure that all your systems are updated and are running current versions of Windows as soon as possible.
The emergency update released by Microsoft, fixes a vulnerability within the Server Message Block (SMB), which is a protocol which allows devices on a network to talk to each other, such as printers and saving documents to network devices.
The bug, when exploited allows attackers to establish connections to systems where SMB is enabled and the attempt to run some malicious code which will use SYSTEM level permissions, which in turn will allow for a system takeover.
If you are unable to patch your machines straight away, Microsoft provides some guidance on how to remediate the attack vector, by disabling SMBv3. You can find this information here.
As always, make sure you are running updated versions of software and ensure that you have a regular patch cycle., as per Cyber Essentials guidelines.