Monday, March 1, 13:34
Home security Security researchers took advantage of SMBGhost RCE vulnerability

Security researchers took advantage of SMBGhost RCE vulnerability


Researchers at Ricerca Security discovered and demonstrated one vulnerability in Windows 10, named CVE-2020-0796, which allows remote access to an intruder.

Vulnerability, also known as SMBGhost, was discovered in the Microsoft Server Message Block 3.1.1 (SMBv3) network communication protocol and only affects systems running Windows 10, versions 1903 and 1909, as well as the Server Core installations of Windows Server, 1903 and 1909 versions.

Although the Microsoft had decided not to reveal the vulnerability and not to issue security advice, some information about SMBGhost was leaked during Patch Tuesday last month by various security suppliers who are part of the company's Active Protections Program.

"An attacker who successfully exploits the vulnerability could gain the ability to execute code on the destination server or client." he explains Microsoft.

Following the release of several Proof-of-Concepts (PoC) exploits, including a denial of service developed by Kryptos Logic security researcher Marcus Hutchins, Microsoft has released updates. security for all affected platforms on 12 March.

"However, although there have already been many public reports and PoCs for LPE (Local Privilege Escalation), none of them have shown that an RCE is actually possible so far," said Ricerca Security researchers.

If the repair of all vulnerable Systems weren't urgent enough until now, Ricerca Security revealed yesterday a PoC RCE exploit for SMBGhost, with all the technical details behind it.

So far, however, Ricerca Security has decided not to publicly share the RCE PoC operation so that it does not exist. danger to fall into the wrong hands.

Researchers at Kryptos Logic have discovered about 48.000 Windows 10 computers that are vulnerable to attacks targeting the vulnerability of SMBGhost. If you have not yet repaired your Windows 10 systems against CVE-2020-0796, you should do so as soon as possible to rule out possible attacks.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement


How often do you make security updates on your mobile?

After the recent revelation of Samsung, that it will give its phones security updates for four years, it makes sense for some to wonder ...

SEC investigation into Elon Musk for Dogecoin tweets Σύμφωνα με πληροφορίες, ο Διευθύνων Σύμβουλος της Tesla Elon Musk, βρίσκεται για ακόμα μια φορά κάτω...

YouTube Shorts is in beta in the United States

TikTok has caused a huge change in the field of social media. He managed to spread the meaning of short videos, and he did ...

Chrome: The sites will open in desktop mode on large Android tablets

Google Chrome is experimenting with a new feature that will automatically open web pages in desktop mode on an Android tablet that have several ...

Stalkerware: Russia, Brazil and the US were most affected in 2020

New research from the cyber security company "Kaspersky" points out that Russia, Brazil and the USA were the countries that were most affected ...

Why is the trend of selfie pop-up cameras being lost?

In recent years, technology companies have made bezels (also known as hoops) as thin as possible. In this way,...

Gab: Data from far-right users of the platform leaked

It was about a month and a half ago when Twitter and other major social networking platforms banned Donald Trump and other users with ...

T-Mobile: The company's customers received SIM swapping attacks!

The telecommunications provider "T-Mobile" revealed that it suffered data breach, after realizing that some of its customers were victims of SIM swapping attacks ....

Verizon: Turn off 5G so that the battery does not run out quickly

Despite the continued promotion of 5G smartphones and the $ 45 billion it spent on the new speed range, Verizon advises ...

A Berliner is in jail for threatening to bomb an NHS hospital

A Berliner is accused of blackmailing the National Health Service (NHS) and threatening to bomb a hospital. THE...