• It looks like the announced-but-not-fixed CVE-2020-0796 “CoronaBlue” vuln is only for Server 1903 and 1909

    Posted on March 11, 2020 at 08:21 CDT by Comment in the Forums

    I’ll have more details about this shortly, but many of you admins are rightly concerned about the CVE-2020-0796 security hole, which was announced, then not announced, then announced again in Microsoft ADV200005 | Microsoft Guidance for Disabling SMBv3 Compression.

    Long story short, it looks like MS was poised to release a patch yesterday, then decided at the last minute to cancel the patch — but somehow word of the cancellation didn’t make it to at least two organizations that published details about it.

    It looks like the security hole only affects Win10 1903, 1909, Server 1903 and 1909. Per Florian Roth:

    There’s a lot of information available about the hole and countermeasures from Satnam Narang on Tenable, from Sergiu Gatlan at BleepingComputer, Catalin Cimpanu at ZDNet and, in the past couple of hours, Dan Goodin at Ars Technica. Those of you running networks with SMBv3 should take a look.

    If you’re running a network on Win7 or Server 2008 R2, you’re good. SMBv3 didn’t even exist back then. ๐Ÿ™‚

    And if you aren’t in charge of a network, sit back and smile. You have other things to worry about.

    UPDATE: Catalin Cimpanu now says:

    I have now seen/talked to 3 different people claiming they found the bug in less than 5 minutes. I won’t be surprised if exploits pop up online by the end of the day.

    Windows Patches/Security ,
DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.