The Cybersecurity and Infrastructure Security Agency (CISA) has released a warning that Proof of Concept (PoC) code has been published to exploit a vulnerability in Windows that can be executed remotely, is wormable and can give an unauthenticated attacker full SYSTEM level privileges on unpatched systems. It is reasonable to assume the PoC code will be weaponozed very quickly if it has not been already.
Microsoft released an update on March of 2020 to patch this vulnerability and organizations are encouraged to patch now if they have not already.
This vulnerability also underscores the need for organizations to block and log inbound and outbound SMB traffic between their internal network(s) and the Internet.
If you do not have a patch management system or would like information on how Cyber Tech Cafe can help you defend your organization against this and other threats, we’d love to talk to you about our MyIT program and the benefits that our current MyIT clients are enjoying.
– https://www.kb.cert.org/vuls/id/872016/
– https://www.us-cert.gov/ncas/current-activity/2020/06/05/unpatched-microsoft-systems-vulnerable-cve-2020-0796