Alert

Microsoft Releases Out-of-Band Security Updates for SMB RCE Vulnerability

Last Revised

Microsoft has released out-of-band security updates to address a remote code execution vulnerability (CVE-2020-0796) in Microsoft Server Message Block 3.1.1 (SMBv3). A remote attacker could exploit this vulnerability to take control of an affected system.

 

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources and apply the necessary updates or workarounds.

•    Microsoft Security Guidance for CVE-2020-0796

•    Microsoft Advisory ADV200005

•    CERT Coordination Center’s Vulnerability Note VU#872016

This product is provided subject to this Notification and this Privacy & Use policy.