Windows

Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796) Technical Analysis and Solution

June 15, 2020

Overview

On March 11, Beijing time, Microsoft released March 2020 updates to fix vulnerabilities among which is a remote code execution vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3) indicated in a security bulletin released earlier. This vulnerability exists in the way the Microsoft SMBv3 protocol handles certain requests. An attacker could exploit this vulnerability in an unauthenticated way.

For the SMBv3 server, attackers could send a crafted packet to the server to trigger this vulnerability; for the SMBv3 client, attackers could trigger the vulnerability by tricking the user into connecting to a maliciously crafted SMB server.

(more…)

Windows SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796) Technical Analysis and Solution

March 30, 2020

Overview

On March 11, Beijing time, Microsoft released March 2020 updates to fix vulnerabilities among which is a remote code execution vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3) indicated in a security bulletin released earlier. This vulnerability exists in the way the Microsoft SMBv3 protocol handles certain requests. An attacker could exploit this vulnerability in an unauthenticated way. (more…)

Windows CryptoAPI High Risk Vulnerability (CVE-2020-0601) Security Alert

January 27, 2020

Overview

 

On January 14, local time, one of the latest monthly patch updates from Microsoft fixed the Windows CryptoAPI spoofing vulnerability (CVE-2020-0601) discovered and reported to Microsoft by the National Security Agency (NSA), which affects Windows 10. , Windows Server 2016 and Windows Server 2019. (more…)