Windows 10 SMBGhost vulnerability confirmed by Microsoft

<p>Almost three months ago we have <a href&equals;"https&colon;&sol;&sol;www&period;wincert&period;net&sol;cast&sol;microsoft-accidentally-leaks-unpatched-wormable-exploit-in-smbv3-protocol&sol;" target&equals;"&lowbar;blank" rel&equals;"noopener noreferrer">published an article<&sol;a> about an accidental leak of unpatched wormable Windows 10 SMBGhost exploit in SMBv3 protocol&period;<&sol;p>&NewLine;<p><img class&equals;"alignnone size-full wp-image-3571" src&equals;"https&colon;&sol;&sol;www&period;wincert&period;net&sol;wp-content&sol;uploads&sol;2020&sol;03&sol;security-2688911&lowbar;640&period;jpg" alt&equals;"" width&equals;"640" height&equals;"359" &sol;><&sol;p>&NewLine;<p>Today&comma; the U&period;S Government cybersecurity agency has confirmed this vulnerability and warns Windows 10 users about ongoing malicious cyberattacks targeting systems that are still vulnerable by this three months old flaw&period;<&sol;p>&NewLine;<p>A remote code execution flaw exists in the way how Microsoft&&num;8217&semi;s SMBv3 protocol handles certain requests&period; Basically&comma; it allows for a maliciously constructed data packet sent to the server to run the arbitrary code execution&period;<&sol;p>&NewLine;<p>Even though the patch has been released not all Windows 10 PCs have it installed and thus are still vulnerable&period; Because this is a worm-type exploit it can spread rapidly between vulnerable systems&period;<&sol;p>&NewLine;<p>Microsoft&&num;8217&semi;s security update addressing the SMBGhost vulnerability for both Windows 10 1903 and 1909 versions can be found <a href&equals;"https&colon;&sol;&sol;portal&period;msrc&period;microsoft&period;com&sol;en-US&sol;security-guidance&sol;advisory&sol;CVE-2020-0796" target&equals;"&lowbar;blank" rel&equals;"noopener noreferrer">here<&sol;a>&period;<&sol;p>&NewLine;