Microsoft releases emergency patch for Windows 10 flaw | Tech News

Microsoft releases emergency patch for Windows 10 flaw

The fix is available as KB4551762, an update for Windows 10, versions 1903 and 1909, and Windows Server 2019, versions 1903 and 1909.

By: INDO ASIAN NEWS SERVICE
| Updated on: Aug 20 2022, 19:49 IST
Windows 10.
Windows 10. (Pixabay)
Windows 10.
Windows 10. (Pixabay)

Microsoft has released a Windows patch for a security vulnerability that enabled attackers to transfer malicious code from one machine to another if they had the vulnerability without the knowledge of the users.

The fix is available as KB4551762, an update for Windows 10, versions 1903 and 1909, and Windows Server 2019, versions 1903 and 1909.

"Customers who have already installed the updates released on March 10, 2020 for the affected operating systems should install KB4551762 to be protected from this vulnerability," Microsoft said on Thursday.

The bug exists in the latest version of Window's server message block, known as SMB, which lets Windows communicate with devices, like printers and file servers, on the network and across the internet.

Also read: Microsoft Build physical event cancelled due to coronavirus

"A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client," the company said in a statement.

The detail rated bug were released on Tuesday as part of the software giant's typical monthly release of security patches, what it calls Patch Tuesday.

Also read: Microsoft Xbox Series X, Project xCloud details to be announced on March 18

"To exploit the vulnerability against a server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against a client, an unauthenticated attacker would need to configure a malicious SMBv3 server and convince a user to connect to it," the company added.

The security update addresses the vulnerability by correcting how the SMBv3 protocol handles these specially crafted requests.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 13 Mar, 14:26 IST
Tags:
NEXT ARTICLE BEGINS