"A New Wormable Windows Vulnerability Has No Patch in Sight"
Microsoft released a security advisory about a remote code execution vulnerability (CVE-2020-0796) contained by Mircosoft Server Message Block 3.1.1 (SMBv3), which affects Windows 10 and Windows Server 2019. The SMB protocol is a client-server communication protocol used for sharing files, printers, serial ports, and other resources on a local network and through the Internet. According to Microsoft, the exploitation of this security flaw could allow attackers to execute malicious code on servers and end-user computers that use SMBv3. Other advisories published by Fortinet and Cisco's Talos have said that the vulnerability derives from a buffer overflow in vulnerable Microsoft servers and can allow malicious actors to set off a chain reaction, leading to the spread of attacks from machine to machine without the need for interaction from administrators or users. This article continues to discuss findings regarding where Microsoft SMB RCE vulnerability comes from and what the exploitation of this vulnerability could allow attackers to do.
Wired reports "A New Wormable Windows Vulnerability Has No Patch in Sight"