SoylentNews is people

posted by martyb on Wednesday March 11 2020, @04:31PM
from the who-remembers-the-Morris-Worm? dept.

Windows has a new wormable vulnerability, and there's no patch in sight:

The vulnerability exists in version 3.1.1 of the Server Message Block 3.1.1 that's used to share files, printers, and other resources on local networks and over the Internet. Attackers who successfully exploit the flaw can execute code of their choice on both servers and end-user computers that use the vulnerable protocol, Microsoft said in this bare-bones advisory.

The flaw, which is tracked as CVE-2020-0796, affects Windows 10 and Windows Server 2019, which are relatively new releases that Microsoft has invested huge amounts of resources hardening against precisely these types of attacks. Patches aren't available, and Tuesday's advisory gave no timeline for one being released.

[...] In the meantime, Microsoft said vulnerable servers can be protected by disabling compression to block unauthenticated attackers from exploiting the vulnerability against an SMBv3 server. Users can use the following PowerShell command to turn off compression without needing to reboot the machine:

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" DisableCompression -Type DWORD -Value 1 -Force

That fix won't protect vulnerable client computers from attack. Microsoft also recommended users block port 445, which is used to send SMB traffic between machines.

[...] Jake Williams, a former NSA hacker and the founder of security firm Rendition Security, said in a Twitter thread that both those factors would likely buy vulnerable networks time.

"The TL;DR here is that this IS serious, but it isn't WannaCry 2.0," he wrote. "Fewer systems are impacted and there's no readily available exploit code. I'm not thrilled about another SMB vuln, but we all knew this would come (and this won't be the last). Hysteria is unwarranted though."

As if admins who are trying to support all the additional people who are trying to work remotely — thanks to COVID-19 — had nothing else to worry about.


Original Submission
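
A read-only check for the two mitigations quoted in the story (the DisableCompression registry value and blocking port 445), as an added example that is not part of the article or of Microsoft's advisory. The function names are hypothetical, and the firewall query only looks at Windows Defender Firewall rules on the local host, not at perimeter devices.

```powershell
# Added example: read-only audit of the two mitigations on the local host.
# Function names are hypothetical; nothing here changes system state.
$ParamKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

function Test-SmbCompressionDisabled {
    # True only if the DisableCompression value exists and is set to 1.
    $p = Get-ItemProperty -Path $ParamKey -Name DisableCompression -ErrorAction SilentlyContinue
    return (($null -ne $p) -and ($p.DisableCompression -eq 1))
}

function Get-InboundSmbAllowRule {
    # Enabled inbound "Allow" rules in Windows Defender Firewall that name TCP 445.
    # Rules written as a port range or "Any" are not matched by this simple test.
    Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
        Where-Object {
            $f = $_ | Get-NetFirewallPortFilter
            $f.Protocol -eq 'TCP' -and $f.LocalPort -contains '445'
        } |
        Select-Object DisplayName, Profile
}

function Get-SmbMitigationReport {
    # Is anything on this host actually listening on the SMB port?
    $listening = @(Get-NetTCPConnection -LocalPort 445 -State Listen -ErrorAction SilentlyContinue)
    $rules     = @(Get-InboundSmbAllowRule)
    [pscustomobject]@{
        ComputerName            = $env:COMPUTERNAME
        ServerCompressionOff    = (Test-SmbCompressionDisabled)
        ListeningOn445          = ($listening.Count -gt 0)
        InboundAllowRulesFor445 = ($rules.DisplayName -join '; ')
    }
}

Get-SmbMitigationReport | Format-List
```

A True in ServerCompressionOff says nothing about the SMB client side, which the story notes the registry change does not protect.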

 
This discussion has been archived. No new comments can be posted.
  • (Score: 0) by Anonymous Coward on Wednesday March 11 2020, @07:30PM (5 children)

    by Anonymous Coward on Wednesday March 11 2020, @07:30PM (#969768)

    Three Fine Articles on the front page are Microsoft topics. I do not use Microsoft. I do not know anyone who uses Microsoft. Why should I have to wade through all this coverage of the flaws of a toy operating system, to try and get some STEM news? Please, eds, select more pertinent articles.

  • (Score: 5, Touché) by Osamabobama on Wednesday March 11 2020, @08:57PM

    by Osamabobama (5842) on Wednesday March 11 2020, @08:57PM (#969820)

    I don't use SpaceX products, but I enjoy the variety.

    --
    Appended to the end of comments you post. Max: 120 chars.
  • (Score: 4, Funny) by Anonymous Coward on Thursday March 12 2020, @12:32AM (3 children)

    by Anonymous Coward on Thursday March 12 2020, @12:32AM (#969948)

    The fine editors are posting the Microsoft articles just for you. They know they increase your level of irritation. The plan is to increase your irritation slowly, up to the level of rage, and perhaps a murderous rage.

    You see, this site is made only for you. You are the test subject. Your emotional state is the only true concern of this site and its operators. All the other supposed posters are all false, including me, and are included only to help hide that the sole use of this site is to research you and the best ways to manipulate you.

    All the articles and posts are made solely to twist and warp your mind, slowly, oh so slowly. To see if you can be made to suffer. Made to endure all that you can. Perhaps to see how long until you snap completely, and go mad, utterly mad.

    Of course you won't believe this post. That's why we're making it the post. To give another slight, ever so slight, twist of the knife into your mind. Like with the next Microsoft story. And the next one. And the next one...

    • (Score: 0) by Anonymous Coward on Thursday March 12 2020, @01:27AM

      by Anonymous Coward on Thursday March 12 2020, @01:27AM (#969983)

      Are there any past "test subjects" still participating with posting comments?

    • (Score: 0) by Anonymous Coward on Thursday March 12 2020, @02:13AM

      by Anonymous Coward on Thursday March 12 2020, @02:13AM (#970019)

      You see, this site is made only for you. You are the test subject.

      Oh. That's who that is? I didn't realize it was JMichaelHudsondotnet [soylentnews.org] posting as AC.

      The more you know...

    • (Score: 2) by TrentDavey on Thursday March 12 2020, @11:42PM

      by TrentDavey (1526) on Thursday March 12 2020, @11:42PM (#970461)

      I read a sci-fi story like this:
      An alien wanders the house he lives in and finds a door he had never previously seen. He goes through into the basement and finds human scientists that explain to him that the species that he was a part of were impervious to any normal attacks but broke down under stress and they had set this all up to study how to kill them. Needless to say, the alien shimmers and melts.

      Or was it The Matrix?