Smile On Fridays secured coverage in The Daily Swig for Tenable
Windows SMB: Accidental bug disclosure prompts emergency security patch
Microsoft released an out-of-band security update to patch a remote code execution (RCE) vulnerability impacting Server Message Block (SMB) on Thursday, just two days after its regular Patch Tuesday releases.
The software vendor was obliged to rush out a fix after security partner inadvertently disclosed details of the flaw, which is of a type previously exploited by high-profile threats such as the WannaCry worm.
If left unaddressed, the vulnerability (CVE-2020-0796) in Microsoft SMB 3.1.1 (SMBv3) could be exploited by a remote attacker to plant malicious code on vulnerable systems.
Exploitation would involve sending a specially crafted, compressed data packets to a targeted SMBv3 server.
The flaw stems from bugs in how “Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests”, an advisory from Microsoft explains.