Exploit code for a “wormable” Windows 10 SMB vunerability published online

If you haven’t updated Windows recently, now would be a very good time good time.

Hackers are “targeting unpatched systems” using the new code, and advise users to install updates immediately. Exploit code for a “wormable” Windows 10 vulnerability published online. This exploit code is designed to take advance of CVE-2020-0796,

CVE-2020-0796 | Windows SMBv3 Client/Server Remote Code Execution Vulnerability

Patch: Microsoft released a patch for this in March
Exploit Code: The exploit code is known as SMBGhost. SMBGhost exploits a bug in the server message block (SMB) that lets Windows talk with other devices. Once a system is compromised the attacker the attacker can gain access to run malicious code, like malware or ransomware, remotely from the internet.

Risk
This is high risk because the code is “wormable,” it can spread across networks, similar to how the NotPetya and WannaCry ransomware attacks spread across the world, causing billions of dollars in damage.

 

Leave a Reply

Your email address will not be published. Required fields are marked *