US, WASHINGTON (NEWS OBSERVATORY) — Microsoft has released an emergency security update (KB4551762) for the Windows 10 operating system version 1909 and 1903.
The patch fixes a vulnerability in the Server Message Block 3.1.1 (SMBv3) network protocol, which is used to remotely access files, printers, and other network resources.
The “hole” discovered in Windows 10 allows attackers to execute arbitrary code on the side of the SMBv3 client or server. It is rather difficult to do this – in the case of the client, the hacker will need to set up the SMBv3 server in a certain way and convince the victim to connect to it. Despite this, Microsoft called the error “critical.”
Experts are concerned that due to the vulnerability in SMBv3, malicious code can automatically spread from one computer to another.
This was the case in 2017, when the WannaCry and NotPetya ransomware viruses, following the chain through the same SMB protocol, infected several hundred thousand computers (including Bashneft, Mars, Nivea networks, Auchan stores and Ukrainian government computers).
Attacks using the new vulnerability have not yet been recorded, and there will be no “more likely” attacks, Microsoft said. However, users are advised to install KB4551762 as soon as possible. You can check for a fix in Windows Update.
Contact us: [email protected]
Article is written and prepared by our foreign editors from different countries around the world – material edited and published by News Observatory staff in our US newsroom.