Homeland Security warns over ‘wormable’ Windows 10 bug – By Zack Whittaker (Techcrunch) / June 8 2020
Homeland Security’s cybersecurity advisory unit is warning Windows 10 users to make sure that their systems are fully patched, after exploit code for a “wormable” bug was published online last week.
The code takes advantage of a security vulnerability patched by Microsoft back in March. The bug caused confusion and concern after details of the “critical”-rated bug were initially published but quickly pulled offline.
The exploit code, known as SMBGhost, exploits a bug in the server message block — or SMB — component that lets Windows talk with other devices, like printers and file servers. Once exploited, the bug gives the attacker unfettered access to a Windows computer to run malicious code, like malware or ransomware, remotely from the internet.
Worse, because the code is “wormable,” it can spread across networks, similar to how the NotPetya and WannaCry ransomware attacks spread across the world, causing billions of dollars in damage.
Continue to article: https://techcrunch.com/2020/06/08/homeland-security-windows-10-wormable-bug/