Posted by: kurtsh | March 17, 2020

INFO: URGENT – CVE-2020-0796 Windows SMBv3 Client/Server Remote Code Execution Vulnerability

Microsoft pushed out this patch “out-of-band”, the day it was available, to all our clients & affected servers, and it required a mandatory reboot.

This is important.  Please review urgently.

The patch for the SMB compression RCE is released.

It applies to all Windows 10 version 1903 & 1909, and Windows Server version 1903 & 1909. Does not apply to Windows Server 2019, W10 LTSC, or any older OSes and versions.

Additionally, you will want to look at firewall best practices and configurations to enhance security and prevent malicious traffic from leaving computers or their network.

Here is guidance on how to accomplish this:

(Obtained from Ned Pyle.  Good thread here on the topic & background:


%d bloggers like this: