Welcome to the

AdGuardian Plus Blog

News

Microsoft was forced to patch an RCE vulnerability

Patch server vulnerabilities

Microsoft patched an RCE vulnerability as an emergency. But this happened only after some security partners accidentally disclosed the Server Message Block (SMB) protocol.

The fix from Microsoft addresses a remote code execution vulnerability (RCE). This is because it could allow attackers to execute code on a victim’s server or client. So, analysts considered it to be very dangerous.

“To exploit the vulnerability against a server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against a client, an unauthenticated attacker would need to configure a malicious SMBv3 server and convince a user to connect to it,” Microsoft explained. So, the new security update corrects the way the SMBv3 protocol handles these special requests. This, way, the company prevents any possibility that a potential attacker could execute code on victim’s server or client.

No interaction needed to spread

SophosLabs consider that the flaw, named SMBGhost, does not require user interaction to spread, so it’s wormable. In fact, WannaCry attackers exploited another such bug in 2017.

Although it did not scan for exposed clients, Kryptos Logic, a security vendor, claimed that about 48.000 servers are at risk right now because of the new vulnerability. So, this could be a very important breach.

In fact, Microsoft had to rush the patch the RCE vulnerability as some of its partners on the Microsoft Active Protection Program offered details on the vulnerability.

Also, its decision came just a few days after it managed to bust the dangerous Necurs botnets. They managed to disrupt it after years of efforts and different types of approaches. In order to do this, researchers performed forensic analysis and also reverse engineering, malware analysis or modules updates. Although it was a major event for Microsoft, it seems they did not have the chance to enjoy this achievement.

Laurentiu Titei
About author

Laurentiu, a creative content writer, has been producing articles about technology for more than 10 years. He is interested in all the security and internet news and his mainstream media background helps make them readable for all kinds of users. Moreover, he grows the appropriate social media channels for websites.
Related posts
News

Ad injection campaign used ad-blocking Chrome extension

News

Companies use Google ads to promote spying apps

News

Phishing scams: Chinese malware gang targets India

News

The Facebook outage shows us how much their ads value

Leave a Reply

Your email address will not be published. Required fields are marked *