In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-09-19 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Internet Technology >
Share
Shulou(Shulou.com)06/01 Report--
In this issue, the editor will bring you about how to analyze the suspected remote exploitation of Microsoft SMB3 protocol. The article is rich in content and analyzed and described from a professional point of view. I hope you can get something after reading this article.
0x01 0x00 event description
On March 11, 2020, 360-CERT detected a notice of security rules issued by overseas manufacturers, which described a memory corruption vulnerability in Microsoft's SMBv3 protocol, serial number CVE-2020-0796, and said that the vulnerability could be exploited remotely without authorization verification and could lead to worm-level vulnerabilities.
Since Microsoft has not officially described the vulnerability numbered CVE-2020-0796, it is not possible to determine whether the vulnerability exists. 360-CERT advises users to keep an eye on the development of the vulnerability.
The announcement is described as follows [see reference link 1]:
The vulnerability is due to improper handling of compressed packets in SMB3 by the operating system. An attacker who successfully constructs a packet can exploit this vulnerability to execute arbitrary code remotely without authentication.
Affect the version
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows 10 Version 1909 for 32-bit Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows Server, version 1909 (Server Core installation)
0x02 timeline
2020-03-11 A manufacturer released a rule update, suspected of a serious loophole in SMBv3
2020-03-11 360-CERT follow up and release preliminary follow-up instructions to fix vulnerabilities
The above is how to analyze the suspected remote exploitation of Microsoft SMB3 protocol for you. If you happen to have similar doubts, please refer to the above analysis to understand. If you want to know more about it, you are welcome to follow the industry information channel.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
The market share of Chrome browser on the desktop has exceeded 70%, and users are complaining about
The world's first 2nm mobile chip: Samsung Exynos 2600 is ready for mass production.According to a r
A US federal judge has ruled that Google can keep its Chrome browser, but it will be prohibited from
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
About us Contact us Product review car news thenatureplanet
More Form oMedia: AutoTimes. Bestcoffee. SL News. Jarebook. Coffee Hunters. Sundaily. Modezone. NNB. Coffee. Game News. FrontStreet. GGAMEN
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
