Windows 10 1903 and 1909 began receiving an emergency update through Windows Update in the past few hours. The patch code is KB4551762, and brings the build number to 18362.720 and 18363.730 respectively. Remember that, unlike the other versions of Windows 10, the 1909 is basically a big cumulative update of the 1903, with the same files and the same functions, then it is updated by the same patch.
Microsoft releases a new Windows 10 emergency patch to fix the SMBv3 dangerous bug
KB4551762 has only one purpose: it closes a vulnerability in the SMBv3.1.1 protocol, quite dangerous because it allowed to execute unauthorized code remotely – thus effectively making the system vulnerable to remote hacker attacks. Fortunately, there are no clues to suggest that some attacker was actively exploiting this bug to do damage. However, now that the vulnerability information is public, the installation of the patch becomes much more urgent for obvious reasons.
As the Sophos security researchers explain, the vulnerability exploits one of the Windows kernel drivers. It can, respectively, write and read into the system kernel. The main attack methods can be:
- By infecting a computer on the network, malware can quickly spread to all systems with file sharing enabled, including servers;
- You can trick the user into connecting to an infected server;
- It allows the hacker to gain wider access privileges than he would be allowed to have.
As we said, the patch has been in distribution for a few hours on Windows Update, and it affects only the last two versions of the Microsoft OS. If for some reason you have not received it, you can download it and install it manually by clicking HERE.
It is worth mentioning that recently, Microsoft has announced that it is about to put an end to Necurs, one of the most dangerous botnets in the recent years.