Working exploit code that achieves remote code execution on Windows 10 machines is now publicly available for CVE-2020-0796, a critical vulnerability in Microsoft Server Message Block (SMB 3.1.1).
More refined versions of the exploit are expected to emerge, especially since at least two cybersecurity companies created exploits for the vulnerability and have been holding back the release since April.
Critical severity
Known by various names (SMBGhost, CoronaBlue, NexternalBlue, BluesDay), the security flaw can be leveraged by an unauthenticated attacker to spread malware from one vulnerable system to another without user interaction.
... ...