Microsoft’s Windows 10 user interface

Windows 10 systems are still vulnerable from cyber attacks done by threat actors to a 3 month old security flaw that is critical warns U.S Gov cybersecurity agency.

The flaw is registered as CVE-2020-0796 also known as SMBGhost, which is also considered dangerous as it can be used to exploit, enable remote control, Arbitrary code execution, weaponize and control the victims system. Microsoft had released a patch for it some months ago.

The US Department of homeland’s CISA (Cyber security and Infrastructure security Agency) has confirmed that it is aware of PoC that is publicly available and warns,” Malicious cyber actors are targeting unpatched systems with the new PoC according to the recent open-source reports.”

Meanwhile what you can do to safeguard yourself:

  • use firewall to block SMB ports from the internet.
  • apply the patch and updates as soon as possible.

CISA Notice: https://www.us-cert.gov/ncas/current-activity/2020/06/05/unpatched-microsoft-systems-vulnerable-cve-2020-0796

CVE information: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796

By Siddhant Pathak

Cyber security architect, 7+ years experience in cyber security industry, Tech savy, Nature lover, Bullet 350 rider

Have some thoughts? why not share with us here.