Wednesday, March 11, 2020

Microsoft Server Message Block RCE Vulnerability

Original release date: March 11, 2020

Microsoft has released a security advisory to address a remote code execution vulnerability (CVE-2020-0796) in Microsoft Server Message Block 3.1.1 (SMBv3). A remote attacker can exploit this vulnerability to take control of an affected system. SMB is a network file-sharing protocol that allows client machines to access files on servers.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft Advisory ADV200005 and the CERT Coordination Center’s Vulnerability Note VU#872016 and apply the workaround until patches are made available.

This product is provided subject to this Notification and this Privacy & Use policy.

Posted at