![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
robopet3CVE-2020-0796: New vulnerability in SMB protocol
Microsoft has released a patch for newly discovered critical vulnerability CVE-2020-0796 in the network protocol SMB 3.1.1.
https://www.kaspersky.com/blog/smb-311-vulnerability/33991/
Microsoft SMBv3.11 Vulnerability and Patch CVE-2020–0796 Explained
Update 03/12/2020:
Microsoft releases out of band patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796
Summary
SMBv3.11 has a buffer overflow vulnerability when compression is enabled (default value). Windows 10 and Server use SMBv3.11 and the service runs as SYSTEM. Successful exploitation will result in remote code exection, with SYSTEM privileges. This is considered “wormable”. Microsoft did not release a patch in March 2020 Patch Tuesday.
Надеюсь, никому не надо напоминать о EternalBlue и WannaCry
Microsoft has released a patch for newly discovered critical vulnerability CVE-2020-0796 in the network protocol SMB 3.1.1.
https://www.kaspersky.com/blog/smb-311-vulnerability/33991/
Microsoft SMBv3.11 Vulnerability and Patch CVE-2020–0796 Explained
Update 03/12/2020:
Microsoft releases out of band patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796
Summary
SMBv3.11 has a buffer overflow vulnerability when compression is enabled (default value). Windows 10 and Server use SMBv3.11 and the service runs as SYSTEM. Successful exploitation will result in remote code exection, with SYSTEM privileges. This is considered “wormable”. Microsoft did not release a patch in March 2020 Patch Tuesday.
Надеюсь, никому не надо напоминать о EternalBlue и WannaCry
