KLA11693
ACE vulnerability in Microsoft Windows

Updated: 04/22/2021
Detect date
?
03/12/2020
Severity
?
Critical
Description

A remote code execution vulnerability in Windows SMBv3 Client/Server can be exploited remotely via specially crafted packet to execute arbitrary code.

Exploitation

This vulnerability can be exploited by the following malware:

https://threats.kaspersky.com/en/threat/Intrusion.Win.CVE-2020-0796/

Affected products

Windows 10 Version 1909 for 32-bit Systems
Windows Server, version 1903 (Server Core installation)
Windows 10 Version 1903 for 32-bit Systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2020-0796

Impacts
?
ACE 
[?]
Related products
Microsoft Windows
Microsoft Windows Server
Microsoft Windows 10
CVE-IDS
?
CVE-2020-07967.5Critical
KB list

4551762

Microsoft official advisories
Microsoft Security Update Guide
Find out the statistics of the vulnerabilities spreading in your region