-Bug is tracked as CVE-2020-0796. It impacts SMBv3, and described as wormable. It was announced in some security feeds, but it isn't included in the March 2020 Patch Tuesday. This does not mean there is a hack on the internet for it. Microsoft has published an advisory on how to disable SMBv3 compression until a patch is ready, you can get this fromthe below link;
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv200005
For understanding & controlling SMB inbound and outbound traffic in general, check out the link below;
https://support.microsoft.com/en-us/help/3185535/preventing-smb-traffic-from-lateral-connections
No comments:
Post a Comment