On Tuesday, Microsoft released cumulative updates for all supported versions of Windows 10 with security improvements for Edge, Internet Explorer and other components. During the Patch Tuesday rollout, details about a new “wormable” vulnerability in the SMBv3 protocol accidentally leaked online.
The Microsoft Server Message Block (SMB) protocol vulnerability has been labelled CVE-2020-0796, and researchers discovered that the fix was not included in this month’s Patch Tuesday updates.
Today, Microsoft is rolling out the Windows 10 KB4551762 update to patch the critical SMBv3 vulnerability. KB4551762 replaces KB4540673 on Windows 10 version 1909 and 1903 computers, and it is rolling out via Windows Update.
According to Microsoft, KB4551762 patches the wormable SMBv3 bug (also known as SMBGhost or EternalDarkness) that leaked earlier this week.
The SMBv3 vulnerability is more concerning because the same protocol previously helped attackers during the WannaCry and NotPetya ransomware outbreaks.
The Redmond firm says users can download and install the important security update by checking for updates in Update & Security > Windows Update. Unlike the preview updates, this is a mandatory patch and it will install automatically in the background at some point if you don’t install it manually today.
For those who want to manually patch their computers, Microsoft has also published the offline installers.
Download Links for Windows 10 KB4551762
Windows 10 KB4551762 Direct Download Links: 32-bit (x86) and 64-bit.
As people have observed, enterprises can also disable SMB compression, which is a good inbound mitigation, but Microsoft recommends that everyone apply the patch. If you go with the registry change, only the inbound mitigation is applied, whereas the patch helps with both inbound and outbound vectors.
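To tell a patched host from one that only has the registry workaround, the following added example (not from Microsoft or this article) reports both states for the local machine. The `DisableCompression` value under `LanmanServer\Parameters` is taken from Microsoft's advisory rather than from this page, build 18362 is assumed to be version 1903, and the function name and verdict labels are hypothetical.

```powershell
# Added example: audit the local host for CVE-2020-0796 patch and workaround state.
# Assumption: the DisableCompression registry value is the workaround described in
# Microsoft's advisory; it is not quoted in the article itself.
function Get-SmbGhostStatus {
    [CmdletBinding()]
    param()

    # CurrentBuildNumber and UBR together give the full build, e.g. 18363.720.
    $cv    = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $build = [int]$cv.CurrentBuildNumber
    $ubr   = [int]$cv.UBR

    # KB4551762 applies to version 1903 (18362) and 1909 (18363) only.
    $inScope = $build -in 18362, 18363

    # Later cumulative updates supersede the KB, so Get-HotFix alone can miss it;
    # a revision of .720 or higher is the more reliable signal.
    $kb      = Get-HotFix -Id 'KB4551762' -ErrorAction SilentlyContinue
    $patched = $inScope -and (($ubr -ge 720) -or [bool]$kb)

    # Workaround: disables compression on the SMB server side only, so it
    # covers the inbound vector and leaves the SMB client (outbound) exposed.
    $srv = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters' `
               -ErrorAction SilentlyContinue
    $compressionOff = ($null -ne $srv) -and ($srv.DisableCompression -eq 1)

    if (-not $inScope)       { $verdict = 'OutOfScope' }
    elseif ($patched)        { $verdict = 'Patched' }
    elseif ($compressionOff) { $verdict = 'MitigatedInboundOnly' }
    else                     { $verdict = 'Vulnerable' }

    [pscustomobject]@{
        ComputerName        = $env:COMPUTERNAME
        Build               = "$build.$ubr"
        KB4551762Listed     = [bool]$kb
        CompressionDisabled = $compressionOff
        Verdict             = $verdict
    }
}

Get-SmbGhostStatus
```

A `MitigatedInboundOnly` verdict means the host still needs the update, since the workaround does nothing for outbound connections.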
In this patch, Microsoft says it’s aware of one known issue plaguing Windows Server containers where you might encounter issues with 32-bit apps and processes.
The Windows 10 Build 18363.720 update package is around 400MB for 64-bit systems and 200MB for 32-bit systems. This is a full-size cumulative update, and if you haven’t installed Tuesday’s update, you’ll only get Build 18363.720 with SMBv3 and other fixes.
In related news, people have reported that this month’s cumulative update leads to BSOD and system crashes. Microsoft has yet to acknowledge the issue, but it’s still early in the morning in Redmond.