9:30am, 13 Mar 2020
TLP Rating: White
Critical remote unauthenticated vulnerability in SMBv3
Microsoft's implementation of SMBv3.1.1 is vulnerable to a pre-authentication remote code execution. This would allow complete takeover of machines that expose SMB services to the network, and means that the vulnerability is wormable – able to spread autonomously.
A similar vulnerability in SMBv1 was responsible for the spread of the WannaCry ransomware, and this could result in similar attacks if not patched.