Microsoft has had to release an emergency patch to update Windows 10 earlier than planned. But events were rushed after the Internet leak. In this case, we are talking about a serious security breach in the SMBv3 protocol. Used to share files, printers and other resources on local networks. We give you all the keys to this emergency patch for Windows 10.
Server Message Block (SMB)1 is a network protocol that allows file sharing. As well as printers and other resources. Between nodes in a computer network using the Microsoft Windows operating system. Originally, IBM developed SMB. However, the most common version is the one that has been extensively modified by Microsoft. There is also Samba, which is a free implementation of the SMB protocol with Microsoft’s extensions. It works on GNU/Linux operating systems and other UNIX. The SMBv3 protocol was introduced in Windows 8. As well as in Windows Server 2012.
Emergency Patch KB4551762
The emergency update is available for Windows 10 in versions 1903 and 1909. In addition to Windows Server 2019, versions 1903 and 1909. The vulnerability, listed under the code CVE-2020-0796, affects the SMBv3 protocol. In case of being “exploited” by an attacker, it could connect remotely to a computer. If it has the SMB service activated and loads malicious code into a system.
And how has its existence been filtered out on the Internet? It is due to communication problems between Microsoft itself and some antivirus manufacturers. The major antivirus manufacturers found that the vulnerability could allow devastating worms to spread. With capabilities similar to those of WannaCry and NotPetya.
Those in Redmond were not aware that it was being exploited by cybercriminals. So they had no plans to release the patch this month. However, the online leak of all the details of the security flaw forced them to do so. In addition, the patch release coincides with different proof-of-concept tests carried out by several researchers.
Therefore, we recommend all Windows 10 and Windows Server 2019 users to update their systems with this patch KB4551762 (or equivalent version for their system). If this is not possible for any reason, Microsoft has published a security advisory with possible solutions to mitigate its effect. However, the main solution is to install the released patch. If you got this post, check out our latest post on how to uninstall updates in Windows 10