Home / Security / Security: Microsoft issues emergency Windows 10 patch for leaked vulnerability

Security: Microsoft issues emergency Windows 10 patch for leaked vulnerability

Security:

The security hole exists in Microsoft’s Server Message block (SMB) protocol on recent 32- and 64-bit versions of Windows 10 both on the client and server sides. Researchers from Microsoft and elsewhere labeled it critical because the compromise of a single machine could compromise others on the same network. Microsoft said that there’s no evidence so far that the flaw is being actively exploited, but said it’s “more likely” than not to happen in the future.

An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client. To exploit the vulnerability against a server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against a client, an unauthenticated attacker would need to configure a malicious SMBv3 server and convince a user to connect to it.

Windows 10 has strong defenses that make that scenario unlikely, but motivated and skilled attackers could likely engineer successful attacks. To prevent against that, users (especially those on networks) should install the KB4551762 security update as soon as possible or follow Microsoft’s mitigation

Read More

About admin

Check Also

Security: Zoom freezes feature development to fix security and privacy issues

Security: Zoom freezes feature development to fix security and privacy issues

Zoom has been widely criticized over the past couple of weeks for terrible security, a poorly designed screensharing feature, misleading dark patterns, fake end-to-end-encryption claims and an incomplete privacy policy. Despite that, the video conferencing service has attracted a ton of new users thanks to the coronavirus lockdowns around the world — the company reached…

Leave a Reply

Your email address will not be published. Required fields are marked *