Vulnerability is a remote Code Execution in Windows 10 leak

0


The details of a vulnerability in the Windows that appear to have been accidentally published early. The difference is related to the file system of the SMB network in the current Version, 3.0, which is only supported in Windows 10. In older versions of Windows are not at risk, probably not. A Patch as of yet.

The job market

  1. Scheer GmbH, Düsseldorf
  2. W&W Informatik GmbH, Ludwigsburg



The information about the gap, which is the light emitting diode with an Id of CVE-2020-0796, appeared yesterday in a blog entry from the Cisco Talos. In the meantime, the information that has been removed from the blog post and post it again. Precisely as it turned out, of course.

The compression from the outside, as it is a measure of temporary protection

The vulnerability affects both the Client as well as server implementation. Today Microsoft published an ad, it is recommended that all users on the server side, the compression of the SMBv3 out of it – it’s an indication of what the Problem may be compounded so that. In addition to this, you can block Port 445 on the network.

For Windows users, for the Moment, only Microsoft’s proposal on the protection measures to implement the provision, but it is not likely to be a defense-in-depth. As soon as a Patch is available, it is clear that it should be installed as soon as possible. Microsoft recommends that you register for the Service, you will receive an E-Mail address, as soon as the Release with the appropriate Update of the information is up to date.

I want to Cry, and Notpetya took advantage of the lack of security in the SMB

The security vulnerabilities in the server message block (SMB plagued Windows for many times in the past, it has led to some of the major Malware waves. Thus, in the YEARS, it has developed and got out to Explore the eternal blue, that is used, for example, a vulnerability in the SMB Protocol. This Code was later used by I Want to Cry, and Notpetya, Windows-tire system.

But there is a big difference between the endless blue and the now-well-known-gap: eternal blue was on the Version 1 of the SMB Protocol, and is, therefore, especially in older Windows systems. Now a known security vulnerability, in contrast to this, in the current Version of the SMB and, therefore, it is only very recent installations of Windows.

Please enable Javascript to.
Or, you can use the Golem-pure-offer –
and read Golem.de

  • ad-free
  • with Javascript turned off
  • with RSS full-text Feed