Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Login or Register to Hide ads and Accessing all features on the forum
Navigation:   Red Security General News News Unpatched Wormable Windows SMBv3 RCE Zero-day Flaw Leaked in Microsoft Security Updat

News 

Unpatched Wormable Windows SMBv3 RCE Zero-day Flaw Leaked in Microsoft Security Updat

0 Replies, 1688 Views

Mr.Kurd

   03-12-2020, 09:39 AM
::1 Try me
Administrators
#1
Shocked 
In The Name OF Allah
Al-Salam Alekum

[Image: unpatched-wormable-windows-smbv3-rce-fla...uesday.png]

Another remote attack exposed and this way every W10 user have to do a urgent update again..

Quote:The vulnerability resides exists in the SMBv3 protocol that handles the certain request, an attacker could exploit this vulnerability by sending a specially crafted packet to a vulnerable SMBv3 Server.


No technical details have been disclosed, security firms Fortinet, Tenable provides short summaries about the vulnerability.

The vulnerability occurs in the way the software handles the malicious request crafted through a compressed data packet. An unauthenticated attacker could exploit the vulnerability within the context of the application and gains control over the system.

“To exploit the vulnerability against an SMB Server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against an SMB Client, an unauthenticated attacker would need to configure a malicious SMBv3 Server and convince a user to connect to it,” reads Microsoft statement.


The Source
Wa Salam Alekum
Rs
* Thankful to Allah *
Kurdy

Possibly Related Threads…
Thread Author Replies Views Last Post
Star News Update Windows 10 to patch critical vulnerability in Microsoft store games News 0 1,782 11-06-2020, 04:22 AM
Last Post: News
Star News Google Project Zero Discloses Nasty Windows 0-Day Security Exploit Already In The Wi News 0 1,844 11-01-2020, 06:12 AM
Last Post: News
Star News Smashing Security podcast #200: Two flipping hundred News 0 1,950 10-15-2020, 09:28 AM
Last Post: News
Star News Top anti-virus, anti-malware products contain security flaws News 0 2,019 10-08-2020, 01:09 AM
Last Post: News
Star News Google warns of security holes in other vendors’ Android phones News 0 1,477 10-05-2020, 09:13 AM
Last Post: News
Star News OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks News 1 2,454 10-01-2020, 06:40 PM
Last Post: Mr.Kurd
Star News Zoom adds Two-factor authentication (2FA) as extra layer of security News 3 3,234 09-29-2020, 07:01 PM
Last Post: JJAskiz
Star News Homeland Security Issues Urgent Windows Security Warning Over Zerologon Exploit News 0 1,620 09-21-2020, 09:26 AM
Last Post: News
Star News Microsoft Exchange Server DlpUtils AddTenantDlpPolicy Remote Code Execution - CXSecu News 0 1,529 09-18-2020, 08:12 AM
Last Post: News
Star News Four More Bugs Patched in Microsoft’s Azure Sphere IoT Platform News 0 1,543 08-26-2020, 03:41 AM
Last Post: News



Users browsing this thread: 1 Guest(s)