Prevent the Next Worm that will Exploit SMB 2.0 and SMB 1.0

Microsoft released the June 2017 security update that fixes several major vulnerabilities with Windows.  If you want to prevent the next worm in your Windows network install this update https://technet.microsoft.com/en-us/library/security/4025685.aspx 

Security flaws fixed by this update:

  • Server service remote code execution
  • SMB 2.0 remote code execution
  • Printer spooler service remote code execution
  • Kerberos security exploit (elevation of privilege)
  • SMB 1.0 remote code execution
  • Microsoft Office remote code execution
  • Remote Desktop remote code execution
  • Internet Explorer memory corruption and remote code execution
  • Webdav remote code execution
  • Routing and Remote Access exploit
  • OLE remote code execution
  • Windows Search remote code execution
  • Win32 Kernel mode driver expoit (elevation of privilege)

 

This update was serious enough that Microsoft created updates for Windows Server 2003 and Windows XP as well.  The last time they did this is was to help mitigate Wannacry.  The next worm is on the horizon.

This could be foretelling a nastier future where all servers and desktops will have to be hardened on our internal networks to where only needed resources are exposed and everything else is defaulted to deny access.  This is not something normally done on internal Windows domains.

 

Resources:

Microsoft Security Advisory CVE-2017-8543

https://technet.microsoft.com/en-us/library/security/4025685.aspx

Microsoft, Adobe Ship Critical Fixes

https://krebsonsecurity.com/2017/06/microsoft-adobe-ship-critical-fixes/

Windows Operating System Hardening

Securing Windows Workstations: Developing a Secure Baseline

Leave a Reply

%d bloggers like this: