9:30am, 13 Mar 2020

TLP Rating: White

Critical remote unauthenticated vulnerability in SMBv3

Microsoft's implementation of SMBv3.1.1 is vulnerable to a pre-authentication remote code execution. This would allow complete takeover of machines that expose SMB services to the network, and means that the vulnerability is wormable – able to spread autonomously.

A similar vulnerability in SMBv1 was responsible for the spread of the WannaCry ransomware, and this could result in similar attacks if not patched.