Windows 10 1903 / 1909 SMBv3 security patches

Archive
1

Folks, if you are running Windows 10 version 1903 or 1909, and you are NOT a seeker for Windows Updates (meaning you are not allowing updates to download automatically). Make sure you "manually" get and install KB4551762, which patches the SMBv3 security hole annotated in Microsoft Portal. You may also be offered KB4537572 which is a .NET 3.3 / 4.8 update. Patch up, stay secure.

Cheers

2

Ionut Ilascu's 05-Jun-2020 BleepingComputer article Windows 10 SMBGhost bug gets public proof-of-concept RCE exploit reports that a working exploit that achieves remote code execution on Win 10 Version 1903 and 1909 machines is now publicly available for CVE-2020-0796, a critical vulnerability in Microsoft Server Message Block (SMB 3.1.1).  Win 10 Version 1903 and 1909 users should ensure update KB4551762 (OS Builds 18362.720 and 18363.720, released 12-Mar-2020) or later has been applied to patch this vulnerability. Until now, security researchers were able to exploit SMBGhost but the results were limited to local privilege escalation (LPE) and denial of service (blue screen).  From Ionut's post today:

"...Known by various names (SMBGhost, CoronaBlue, NexternalBlue, BluesDay), the security flaw can be leveraged by an unauthenticated attacker to spread malware from one vulnerable system to another without user interaction.

SMBGhost affects Windows 10 versions 1909 and 1903, including Server Core. Microsoft patched it in March, warning that exploitation is “more likely” on both older and newer software releases and that it is as critical as can be: maximum severity score of 10.

All an attacker would need to do to exploit it is send a specially crafted packet to a targeted SMBv3 server. The result would be similar to the WannaCry and NotPetya attacks from 2017, which used the EternalBlue exploit for SMB v1...."

Kudos to Woody Leonhard for posting about this today on AskWoody.com at A March security patch, for CVE-2020-0796, gets a publicly available proof of concept.
-------------
64-bit Win 10 Pro v1909 build 18363.836 * Firefox ESR v68.9.0 * Windows Defender v4.18.2005.5 * MB Free v3.8.3
Dell Inspiron 15 5584, Intel i5-8265U@1.60/1.80 GHz, 8 GB RAM, Toshiba 256 GB SSD, Intel UHD Graphics 620

3

Out-of-Band Windows Updates Patch Wormable SMB Vulnerability - March 12, 2020
https://www.securityweek.com/out-band-windows-updates-patch-wormable-smb-vulnerability