Update KB4551762 patches SMBv3 protocol bug

Don Sharpe
by Don Sharpe
Author
Loading Comments
Download PDF
Affiliate Disclosure

Hacker

Cumulative updates KB4551762 for Windows 10 versions 1903 and 1909 are now live. The files contain critical security fixes and a couple of quality enhancements for the operating systems.

But the patch for the bug affecting the Microsoft Server Message Block 3.1.1 (SMBv3) protocol is the star of the latest CU.

Ad

The SMB 3 protocol issue (CVE-2020-0796)

The bug came to the fore after Microsoft inadvertently revealed it when it rolled out the March Patch Tuesday updates. Next, the company issued an advisory that included suggestions for circumventing the SMB 3 protocol glitch.

If you have not tried implementing any of the proposed workarounds yet, there is no cause for alarm. Microsoft has announced a patch for the problem.

Updates a Microsoft Server Message Block 3.1.1 protocol issue that provides shared access to files and printers.

CVE-2020-0796 is a remote code execution (RCE) vulnerability

Microsoft said that malicious actors could take advantage of the CVE-2020-0796 vulnerability to launch a server- or client-side attack. Worse still, they would not need to supply the correct user credentials to remotely send a specially-crafted request to an SMBv3 server of interest.

It appears that such a hacker would have to rely on an authenticated user to attack an SMB 3 client.

Thanks to CU KB4551762, the tool is no longer vulnerable to such illicit, RCE coding.

The security update addresses the vulnerability by correcting how the SMBv3 protocol handles these specially crafted requests.

The SMB 3 protocol makes it possible for applications to share files and printers in a computer network. So, when it is a potential target for hackers, patching is not optional.

Keep in mind that Microsoft only said the workaround it proposed might be helpful. In other words, it was a stopgap measure you would not count on in some scenarios.

It is not hard to imagine the kind of damage a hacker would do if they exploited the CVE-2020-0796 vulnerability and accessed sensitive personal data or confidential files in your organization.

Now is the time to patch

The KB4551762 patch installs on your PC automatically if you usually access the latest OS updates via the Windows Update channel.

You may also update manually after downloading the package from the Windows Update Catalog. The third option is automatic syncing with Windows Server Update Services based on your Products and Classifications settings.

Do not forget to backup your files and data before updating to the latest Windows 10 build, though.