Recently, there have some news that related to Windows 10 Exploit been considered as Critical after the Emergency Microsoft’s Update. The vulnerabilities have been disclosed as SMBGhost or also known as CVE-2020-0796.
Late March 10, Microsoft have been released an patch for Windows but one of vulnerabilities have been reveal to the public without having the issues fix.
A heads-up for those are not familiar with SMBGhost, it’s a vulnerability that resides within SMB service. An exploit to these vulnerabilities could enable any remote and malicious code executes and will be a success when the attacker able to control the victim’s targeted system.
Source: CVE-2020-0796: Patching SMBGhost
A website of the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that some Microsoft System is vulnerable to this vulnerability due to the unpatched system. They also mention on the website that they are aware of any “publicly available and functional” as proof of concept (POC).
For the security purpose, the user can go on with the blocking any unauthorised access to the Windows System. The user can disable the SMBv3 compression by typing the following workaround command
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" DisableCompression -Type DWORD -Value 1 -Force