SMBv3-gap-in-Windows-BSI it is recommended that the Server, by means of a work-around in the hedge


With the latest version of Windows is a critical vulnerability (CVE-2020-0796) the SMBv3 Protocol that attackierbar. To put forward a weak point, you could run out of a remote authentication of the malicious code, and the Computer is out of control.

As long as there are no Patches, you just need the Admins to answer, and a Workaround, please follow, warns the Federal office for information security (BSI), in a recent press release.

A trail of destruction across Windows 10 and the SAC Semi-Annual Canal), 1903, and 1909 (32/64-Bit and ARM64), and Windows Server, from 1903 to 1909. Windows 10 and LTSC (Long-Term Maintenance of the Canal by the year 2016 and 2019, as well as the Windows, Server, LTSC of the 2016 and 2019 are not affected by this vulnerability. The SMB has been deeply rooted into Windows, and the network Protocol that allows you to access the files via a network share, and to make the printer available on the network.

Particularly dangerous, the main difference is that it is not just access to the Internet on the compromised computers. Due to the possibility of the worm spreading across networks, it could be tackled in one go.

The Windows-based desktop Computer should not be accessible to the public, they should be self-explanatory. Now, but in a different way, for example, a fraudulent e-Mail, in addition to an attachment of the file, SMBv3 the Load on a machine, it’s almost like stepping stones on the path, and the malicious code that spreads itself on the basis of any place in the network of the company. In the fall of 2017, with the shadows of Trojans and WannaCry and NotPetya he took up a worm-like spread across the whole of the company at an issue.

Currently, it is not known when Microsoft releases the security updates. Even so, Administrators on the Windows to protect the Server and in dire need of more than one e-mail message from Microsoft, that described a Solution to this. To turn off the compression, SMBv3, and forwards the verse-packages, prepared, finished off the match. For Customers, this approach does not work, and the Admins should disable SMBv3 up to the release of the Patch. How does this work, describes Microsoft in a blog post. The Block SMB Connections use the TCP Port 445 should be required.

[UPDATE, 12.03.2020 15:10 Uhr]

A note about the TCP Port that was added.