Microsoft Leaks Info on Wormable Windows SMBv3 CVE-2020-0796 Flaw

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
Microsoft leaked info on a security update for a 'wormable' pre-auth remote code execution vulnerability found in the Server Message Block 3.0 (SMBv3) network communication protocol that reportedly should have been disclosed as part of this month's Patch Tuesday.

The vulnerability is due to an error when the SMBv3 handles maliciously crafted compressed data packets and it allows remote, unauthenticated attackers that exploit it to execute arbitrary code within the context of the application.

Even though the vulnerability advisory was not published by Microsoft (no explanation for this was released by Redmond so far), a number of security vendors part of Microsoft Active Protections Program who get early access to vulnerability information did release details on the security flaw tracked as CVE-2020-0796.
... ...
...
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
Another problem, and many others will follow, which does not concern Windows XP.
It cannot exploit the XP machine directly (also Windows Vista and Windows 7). But, it is not clear that the XP system cannot be infected indirectly via SMB1 and Windows 7 (Vista) via SMB1 or SMB2, if another connected device uses the exploited SMB3.

Post edited/corrected. Added the Windows versions not affected directly by SMB3 vulnerability
 
Last edited:

Sampei Nihira

Level 6
Verified
Well-known
Dec 26, 2019
287
It cannot exploit the XP machine directly (also Windows Vista and Windows 7). But, it is not clear that the XP system cannot be infected indirectly via SMB1 and Windows 7 (Vista) via SMB1 or SMB2, if another connected device uses the exploited SMB3.

Post edited/corrected. Added the Windows versions not affected directly by SMB3 vulnerability

3. Are older versions of Windows (other than what is listed in the Security Updates table) affected by this vulnerability?

No, the vulnerability exists in a new feature that was added to Windows 10 version 1903. Older versions of Windows do not support SMBv3.1.1 compression.

 

Sampei Nihira

Level 6
Verified
Well-known
Dec 26, 2019
287
Immagine.jpg
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top