• About
  • Advertise
  • Careers
  • Contact
Monday, February 6, 2023
No Result
View All Result
NEWSLETTER
Cyber360 News
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us
No Result
View All Result
Cyber360 News
No Result
View All Result
Home Security

Microsoft fixes CVE-2020-0796, the SMBv3 wormable bug recently leaked

by Cyber360 News
March 13, 2020
in Security
0
Microsoft fixes CVE-2020-0796, the SMBv3 wormable bug recently leaked
0
SHARES
4
VIEWS
Share on FacebookShare on Twitter

Microsoft released security updates to fix a recently disclosed CVE-2020-0796 vulnerability in SMBv3 protocol that could be abused by wormable malware.

Microsoft has released security updates to address the CVE-2020-0796 vulnerability in SMBv3 protocol that could be exploited by vxers to implement “wormable” malware.

On March 10, 2019, Microsoft accidentally leaked info on a security update for a wormable vulnerability in the Microsoft Server Message Block (SMB) protocol.

The issue, tracked as CVE-2020-0796, is pre- remote code execution vulnerability that resides in the Server Message Block 3.0 (SMBv3) network communication protocol, the IT giant will not address the issue as part of the March 2020 Patch Tuesday.

Technical details of the CVE-2020-0796 vulnerability have been disclosed, but security firms Cisco Talos and Fortinet published a description of the issue on their websites.

The vulnerability is caused by an error in the way SMBv3 handles maliciously crafted compressed data packets, a remote, unauthenticated attacker could exploit the flaw to execute arbitrary code within the context of the application.

“This indicates an attack attempt to exploit a Buffer Overflow Vulnerability in Microsoft SMB Servers. The vulnerability is due to an error when the vulnerable software handles a maliciously crafted compressed data packet. A remote, unauthenticated attacker can exploit this to execute arbitrary code within the context of the application.” reads the advisory published by Fortinet.

The CVE-2020-0796 vulnerability affects devices running Windows 10 Version 1903, Windows Server Version 1903 (Server Core installation), Windows 10 Version 1909, and Windows Server Version 1909 (Server Core installation). According to Fortinet other Microsoft versions should be affected.

Microsoft has released the KB4551762 update for Windows 10, versions 1903 and 1909, and Windows Server 2019, versions 1903 and 1909.

The update addresses the CVE-2020-0796 vulnerability in the Server Message Block.

Users are recommended to install the updates as soon as possible, in case for some reason it is not possible they can refer mitigation advice published by Microsoft.

Microsoft did not plan release fixes for the issue this month, but evidently the accidental disclosure of the flaw forced the IT giant to release the patch today.

The knowledge of the existence of a wormable flaw impacting SMB protocol is alerting the experts that fear a new wave of WannaCry and NotPetya-like attacks.

Some researchers also developed PoC exploit code that could crash the vulnerable machines.

Researchers at security firm Kryptos Logic has found 48,000 hosts online that had the SMB port exposed to the internet and potentially exposed to attacks exploiting the CVE-2020-0796 flaw.

We’ve just finished our first internet wide scan for CVE-2020-0796 and have identified 48000 vulnerable hosts. We’ll be loading this data into Telltale for CERTs and organisations to action. We’re also working on a blog post with more details (after patch).

— Kryptos Logic (@kryptoslogic) March 12, 2020

Pierluigi Paganini

(SecurityAffairs – hacking, CVE-2020-0796)



Share On


Cyber360 News

Cyber360 News

Next Post
VMware fixes a critical bug in Workstation, Fusion that allows code execution on host From guest

VMware fixes a critical bug in Workstation, Fusion that allows code execution on host From guest

Recent Posts

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

Twitch’s Entire Critical Data Leaked, Includes Streamer Earnings, Source Code

October 6, 2021
Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

Former U.S. Security Firm Helped The UAE Carry Out “Karma” iMessage Hack: MIT Tech Review

October 1, 2021
Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

Facing “This App Has Been Blocked For Your Protection” Issue? Here’s How You Can Fix It

October 1, 2021

Whats New in Kali Linux?

September 14, 2021

Kali Linux 2019.3 Release (CloudFlare, Kali-status, metapackages, Helper-Scripts & LXD)

September 14, 2021

Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)

September 14, 2021

Kali Linux 2018.4 Release

September 14, 2021

Kali Linux 1.0.5 and Software Defined Radio

September 14, 2021

Kali Tools Website Launched, 1.0.9 Release

September 14, 2021

Kali Linux Dojo at Black Hat Vegas 2016

September 14, 2021

Category

Site Links

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

About Us

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Check our landing page for details.

© 2019 Cyber360 News - Powered by WebSensePro

No Result
View All Result
  • Home
  • Security
  • Data Breach
  • Cyber Attacks
  • Cyber Security
  • Cyber Crime
  • Contact Us

© 2019 Cyber360 News - Powered by WebSensePro

Login to your account below

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In