Eternal Darkness flaw exists in Windows 10.

General
Eternal Darkness flaw exists in Windows 10.

The U.S. Cybersecurity Infrastructure Security Administration (CISA) has issued a warning that hackers are actively exploiting a patched flaw in Windows 10. Both sound ominous, and for good reason. If left unpatched, attackers can gain unauthorized remote access to target systems and wreak havoc.

Microsoft issued an out-of-band patch for this vulnerability in March. Out-of-band patches are typically only applied to security issues that require immediate attention.

In this case, the flaw concerns the Server Message Block (SMB) protocol in Windows 10. This is essentially a network file sharing protocol that provides shared access to files, printers, and other resources between PCs on a network.

Eternal Darkness/SMBGhost affects version 3.11 of the protocol, which, as ThreatPost notes, is the same version that was targeted by the WannaCry ransomware several years ago. Also, like WannaCry, it has a "worm" function that can quickly infect multiple PCs over a network.

Despite the patch being applied in March, a Twitter user recently posted a proof-of-concept exploit that allows attackers to remotely execute malicious code on GitHub, along with a video showing the exploit. The code has been used to attack Windows 10 PCs that have not been recently patched.

"Although Microsoft disclosed the vulnerability in March 2020 and provided an update, recent open source reports indicate that malicious cyber actors are targeting unpatched systems with a new PoC. CISA uses firewalls to block SMB ports from the Internet and strongly recommend that patches for critical and highly critical vulnerabilities be applied as soon as possible."

If you haven't run Windows Update in a while, you should do so now to ensure that the patch is installed. The May 2020 update (version 2004) for Windows 10 also should be applied if you have been putting it off, as it does not affect the latest release. Be sure to back up your important files in case something goes wrong.

Categories