Windows 10 Vulnerability Warning
The Cybersecurity and Infrastructure Security Agency (CISA), a component of the Department of Homeland Security, has published a bulletin regarding a known Microsoft vulnerability.
This exploit affects the Server Message Block protocol, also known as SMB. This protocol is utilized by the standard “Scan – to – Folder” feature of MFPs to deliver scans to destination folders.
“Once exploited, the bug gives the attacker unfettered access to a Windows computer to run malicious code, like malware or ransomware, remotely from the internet.
Worse, because the code is “wormable,” it can spread across networks, similar to how the NotPetya and WannaCry ransomware attacks spread across the world, causing billions of dollars in damage.”
Microsoft has issued a patch for this vulnerability with its latest updates. However, this is not the first time we’ve seen a critical exploit of this protocol and I feel confident it will not be the last.
What Should I Do?
Even though Microsoft published a patch months ago, tens of thousands of internet-facing computers are still vulnerable, prompting the advisory. CISA also encourages users and administrators to review the following resources and apply the necessary updates or workarounds.
- Microsoft Security Guidance for CVE-2020-0796
- Microsoft Advisory ADV200005
- CERT Coordination Center’s Vulnerability Note VU#872016
Please do not hesitate to reach out to our team if you’d like more information. We can provide you guidance on a solution and provide you with a safe and secure alternative for scanning.
Learn More:
CISA Bulletin: Unpatched Microsoft Systems Vulnerable to CVE-2020-0796
TechCrunch.com Article: Homeland Security Warns Over ‘Wormable’ Windows 10 Bug
PRECAUTION: WINDOWS 10 VULNERABILITY
If you haven’t updated Windows recently, now would be a good time!
We’re Here For You
We take a consultative approach. By focusing on your business goals, we create an individually tailored solution with today’s cutting edge technology. We know our success is tied to our client’s success. Reach out for a free consultation!