Microsoft Issues Fix For Critical Windows 10 SMBv3 Wormable Exploit, Update Now
Not only was this vulnerability not supposed to have been revealed to the public in this manner, but Microsoft [at the time] did not have a patch available to properly address it. Over the past two days, Microsoft has been working overtime to undo some of the damage that it caused in its mistaken reveal with the release of its latest cumulative update: KB4551762.
Unsurprisingly, there's only one fix listed in the official patch notes for KB4551762:
- Updates a Microsoft Server Message Block 3.1.1 protocol issue that provides shared access to files and printers.
Microsoft says that KB4551762 is only applicable to Windows 10 v1903 and v1909, which are the only two versions of its operating system that are still actively supported by the software giant. As it typically the case with new cumulative updates, there is [at least] one known issue that has not yet been resolved:
- When using Windows Server containers with the March 10, 2020 updates, you might encounter issues with 32-bit applications and processes.
It should be noted that unlike the troublesome KB4535996 update, which was optional, KB4551762 is a mandatory install for Windows 10. So that means that if you don't go ahead and install it manually, it will eventually be applied to your system over the coming weeks.