{"id":13633,"date":"2020-03-12T18:51:12","date_gmt":"2020-03-12T17:51:12","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=13633"},"modified":"2022-01-03T22:54:41","modified_gmt":"2022-01-03T21:54:41","slug":"windows-10-patch-for-smbv3-vulnerability-cve-2020-0796","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2020\/03\/12\/windows-10-patch-for-smbv3-vulnerability-cve-2020-0796\/","title":{"rendered":"Windows 10: Patch for SMBv3 Vulnerability CVE-2020-0796"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"http:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/win102.jpg\" width=\"58\" height=\"58\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2020\/03\/12\/windows-10-patch-fr-smbv3-schwachstelle-cve-2020-0796\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]Microsoft has released on March 12, 2020 an out-of-band security update <a href=\"https:\/\/support.microsoft.com\/help\/4551762\/\" target=\"_blank\" rel=\"noopener noreferrer\">KB4551762<\/a> for the SMBv3 vulnerability CVE-2020-0796 in Windows 10 and Windows Server.<\/p>\n<p><!--more--><\/p>\n<h2>The SMBv3 Vulnerability CVE-2020-0796<\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg02.met.vgwort.de\/na\/f87ab3511ae94ea7a2775193f65dc5de\" alt=\"\" width=\"1\" height=\"1\" \/>On March 10, 2020 a serious but unpatched vulnerability (<a href=\"https:\/\/kb.cert.org\/vuls\/id\/872016\/\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-0796<\/a>96) in the Windows SMBv3 protocol has become public. This vulnerability could allow the spread of worms, but is not currently believed to be exploited. Microsoft had stopped the release of a security update to close the vulnerability at the last second, but could not prevent the information from being published. Therefore, a security advisory <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/ADV200005\" target=\"_blank\" rel=\"noopener noreferrer\">ADV200005<\/a>was issued on March 10, 2020.<\/p>\n<p>The vulnerability (<a href=\"https:\/\/kb.cert.org\/vuls\/id\/872016\/\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-0796<\/a>)in Microsoft implementation of the SMBv3 protocol (version 3.1.1) affects the following versions of Windows:<\/p>\n<ul>\n<li>Windows Server Version 1903 (Server Core Installation)<\/li>\n<li>Windows Server Version 1909 (Server Core Installation)<\/li>\n<li>Windows 10 Version 1903 for 32-bit Systems<\/li>\n<li>Windows 10 Version 1903 for ARM64-based Systems<\/li>\n<li>Windows 10 Version 1903 for x64-based Systems<\/li>\n<li>Windows 10 Version 1909 for 32-bit Systems<\/li>\n<li>Windows 10 Version 1909 for ARM64-based Systems<\/li>\n<li>Windows 10 Version 1909 for x64-based Systems<\/li>\n<\/ul>\n<p>I had reported in detail in the blog post <a href=\"https:\/\/borncity.com\/win\/2020\/03\/11\/windows-smbv3-0-day-vulnerability-cve-2020-0796\/\">Windows SMBv3 0-day vulnerability CVE-2020-0796<\/a>.<\/p>\n<h2>Security update KB4551762 patches CVE-2020-0796<\/h2>\n<p>I received a security advisory from Microsoft regarding the SMBv3 vulnerability from Microsoft a few hours ago, announcing a security update. Furthermore, blog reader deoroller has pointed this out <a href=\"https:\/\/www.borncity.com\/blog\/2020\/03\/11\/windows-smbv3-0-day-schwachstelle-cve-2020-0796\/#comment-86663\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a> (thanks for that).<\/p>\n<h3>Das Microsoft Security Update Releases March 12, 2020<\/h3>\n<p>The two documents CVE-2020-0796 and ADV200005 have been revised because the update is available.<\/p>\n<p>&#8211; <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/2020-0796\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-0796<\/a> | Windows SMBv3 Client\/Server Remote Code Execution Vulnerability<br \/>\n&#8211; Version: 1.0<br \/>\n&#8211; Reason for Revision: Information published. CVE-2020-0796 resolves the issue<br \/>\ndiscussed in <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/ADV200005\" target=\"_blank\" rel=\"noopener noreferrer\">ADV200005<\/a>.<br \/>\nCustomers who have already installed the updates released on March 10, 2020<br \/>\nfor the affected operating systems should install KB4551762 to be protected from<br \/>\nthis vulnerability.<br \/>\n&#8211; Originally posted: March 12, 2020<br \/>\n&#8211; Updated: N\/A<br \/>\n&#8211; Aggregate CVE Severity Rating: Critical<\/p>\n<p>&#8211; <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-us\/vulnerability\/ADV200005\" target=\"_blank\" rel=\"noopener noreferrer\">ADV200005<\/a> | Microsoft Guidance for Disabling SMBv3 Compression<br \/>\n&#8211; Version: 2.0<br \/>\n&#8211; Reason for Revision: CVE-2020-0796 has been published to address this<br \/>\nvulnerability. Please see <a href=\"https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/advisory\/2020-0796\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-0796<\/a> &#8211; Originally posted: March 10, 2020<br \/>\n&#8211; Updated: March 12, 2020<br \/>\n&#8211; Aggregate CVE Severity Rating: N\/A<\/p>\n<h3>Update KB4551762 for Windows 10<\/h3>\n<p>Update <a href=\"https:\/\/support.microsoft.com\/help\/4551762\/\" target=\"_blank\" rel=\"noopener noreferrer\">KB4551762<\/a> is available for Windows 10 Version 1903, Windows Server Version 1903, Windows 10 Version 1909, and Windows Server Version 1909 and raises the build to 18362.720 (Windows 10 V1903) and 18363.720 (Windows 10 V1909).<\/p>\n<p><a href=\"https:\/\/i.imgur.com\/lAnrG7E.jpg\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" title=\"Update KB4551762 f\u00fcr Windows 10\" src=\"https:\/\/i.imgur.com\/lAnrG7E.jpg\" alt=\"Update KB4551762 f\u00fcr Windows 10\" width=\"584\" height=\"339\" \/><\/a><br \/>\n(<a href=\"https:\/\/i.imgur.com\/lAnrG7E.jpg\" target=\"_blank\" rel=\"noopener noreferrer\">Click to zoom<\/a>)<\/p>\n<p>The <em>Download<\/em> button in the figure above appears (according to the blog reader <em>deoroller<\/em>) on the Windows Update page only when a timed connection is used. Otherwise the update should be downloaded and installed automatically. The update only fixes the vulnerability in the compression of the SMB 3.1.1 protocol. The protocol is used when sharing files and printers on the network.<\/p>\n<blockquote><p>Important: If you applied the workaround to turn off compression from my blog post <a href=\"https:\/\/borncity.com\/win\/2020\/03\/11\/windows-smbv3-0-day-vulnerability-cve-2020-0796\/\">Windows SMBv3 0-day vulnerability CVE-2020-0796<\/a>, re-enable compression. Otherwise, performance issues may occur. For instructions on how to undo the workaround, see the blog post.<\/p><\/blockquote>\n<p><strong>Similar articles:<br \/>\n<\/strong><a href=\"https:\/\/borncity.com\/win\/2020\/03\/11\/windows-smbv3-0-day-vulnerability-cve-2020-0796\/\">Windows SMBv3 0-day vulnerability CVE-2020-0796<\/a>.<br \/>\n<a href=\"https:\/\/www.borncity.com\/blog\/2020\/03\/12\/scanner-fr-windows-smbv3-schwachstelle-cve-2020-0796\/\">Scanner f\u00fcr Windows SMBv3-Schwachstelle CVE-2020-0796<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Microsoft has released on March 12, 2020 an out-of-band security update KB4551762 for the SMBv3 vulnerability CVE-2020-0796 in Windows 10 and Windows Server.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,22,2],"tags":[2327,2326,69,195,76],"class_list":["post-13633","post","type-post","status-publish","format-standard","hentry","category-security","category-update","category-windows","tag-cve-2020-0796","tag-kb4551762","tag-security","tag-update","tag-windows-10"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/13633","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=13633"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/13633\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=13633"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=13633"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=13633"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}