SMBGhost (or SMBleedingGhost or CoronaBlue) is a type of
security vulnerability, with
wormlike features, that affects
Windows 10 computers and was first reported publicly on 10 March 2020.
Security vulnerability
A
proof of concept (PoC)
exploit code was published 1 June 2020 on
GitHub by a security researcher.
The code could possibly spread to millions of unpatched computers, resulting in as much as tens of billions of dollars in losses.
recommends all users of Windows 10 versions 1903 and 1909 and Windows Server versions 1903 and 1909 to install patches, and states, "We recommend customers install updates as soon as possible as publicly disclosed vulnerabilities have the potential to be leveraged by bad actors ... An update for this vulnerability was released in March
020
020 is the national dialling code for London in the United Kingdom. All subscriber numbers within the area code consist of eight digits and it has capacity for approaching 100 million telephone numbers. The code is used at 170 telephone exch ...
and customers who have installed the updates, or have automatic updates enabled, are already protected."
Workarounds, according to Microsoft, such as disabling SMB compression and blocking port 445, may help but may not be sufficient.
According to the advisory division of
Homeland Security, "Malicious cyber actors are targeting unpatched systems with the new
hreat ...
ndstrongly recommends using a firewall to block server message block ports from the internet and to apply patches to critical- and high-severity vulnerabilities as soon as possible."
References
External links
*
* (12 March 2020)
* (12 March 2020)
* (13 March 2020)
* (13 March 2020)
* (4 April 2020)
* (10 June 2020)
{{Portal bar, Business and economics, Computer programming
Computer security
2020 in computing