Advertisement

KB4551762 fixes SMBv3 vulnerability in Windows 10

Today, Microsoft releases a patch to address an SMBv3 security flaw. The patch number KB4551762 is applicable to Windows 10 version 1909, and version 1903. After installing the update, the OS version will be raised to 18363.720 and 18362.720, respectively.

Advertisеment

KB4551762 is a security update to the Microsoft Server Message Block 3.1.1 (SMBv3). It resolves issues with the SMBv3 protocol that provides shared access to files and printers.

The vulnerability only exists in a new compression feature added to Windows 10 version 1903 and 1909. Older Windows versions didn't receive that feature, so they remain not affected.

Here are some details on the security flaw that is now fixed by KB4551762.

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.

To exploit the vulnerability against a server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against a client, an unauthenticated attacker would need to configure a malicious SMBv3 server and convince a user to connect to it.

How to install the KB4551762 update

To download this update, open Settings - > Update &recovery and click on the Check for Updates button on the right.

Alternatively, you can get it from the Windows Update online catalog.

More details can be found HERE and HERE.

If for a reason you cannot install and apply the patch, the vulnerability can be mitigated by disabling the compression feature. Microsoft explains that this can be done with the following PowerShell command:
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" DisableCompression -Type DWORD -Value 1 -Force
Also, admins can additionally block the TCP port 445 to deny access to SMB servers.

Helpful links

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:

If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!

Advertisеment

Author: Sergey Tkachenko

Sergey Tkachenko is a software developer who started Winaero back in 2011. On this blog, Sergey is writing about everything connected to Microsoft, Windows and popular software. Follow him on Telegram, Twitter, and YouTube.

Leave a Reply

Your email address will not be published.

css.php
Using Telegram? Subscribe to the blog channel!
Hello. Add your message here.