Microsoft has released out-of-band security updates to address a remote code execution vulnerability (CVE-2020-0796) in Microsoft Server Message Block 3.1.1 (SMBv3). A remote attacker could exploit this vulnerability to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following resources and apply the necessary updates or workarounds.
• Microsoft Security Guidance for CVE-2020-0796
• Microsoft Advisory ADV200005
• CERT Coordination Center’s Vulnerability Note VU#872016