Searching
..

Click anywhere to stop

KLA11693
ACE vulnerability in Microsoft Windows

Updated: 02/24/2024
Detect date
?
03/12/2020
Severity
?
Critical
Description

A remote code execution vulnerability in Windows SMBv3 Client/Server can be exploited remotely via specially crafted packet to execute arbitrary code.

Exploitation

This vulnerability can be exploited by the following malware:

https://threats.kaspersky.com/en/threat/Intrusion.Win.CVE-2020-0796/

Public exploits exist for this vulnerability.

Affected products

Windows 10 Version 1909 for 32-bit Systems
Windows Server, version 1903 (Server Core installation)
Windows 10 Version 1903 for 32-bit Systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2020-0796

Impacts
?
ACE 
[?]
Related products
Microsoft Windows
Microsoft Windows Server
Microsoft Windows 10
KB list

4551762

Microsoft official advisories
Microsoft Security Update Guide
Find out the statistics of the vulnerabilities spreading in your region