Eternal Darkness flaw in Windows 10 sounds scary as hell, best to patch it now
Also known as SMBGhost, this exploit has caught the attention of Homeland Security.
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning that hackers are actively exploiting a previously patched flaw in Windows 10 that goes by multiple names, among them Eternal Darkness and SMBGhost. Both sound ominous, and for good reason. If left unpatched, an attacker could gain unauthorized remote access to a target system and wreak havoc.
Microsoft actually issued an out-of-band patch for this vulnerability in March, meaning it arrived separately from the scheduled Patch Tuesday updates that are pushed out on the second Tuesday of every month. Out-of-band patches are typically reserved for security issues that demand immediate attention.
In this case, the flaw has to do with the Server Message Block (SMB) protocol in Windows 10. It's basically a network file sharing protocol that offers shared access to files, printers, and other resources between PCs on a network.
Eternal Darkness/SMBGhost affects version 3.11 of the protocol, which, as ThreatPost points out, is the same version that was targeted by the WannaCry ransomware a couple of years ago. And like WannaCry, it has the ability to 'worm' its way through a network to quickly infect multiple PCs.
This was a pain 😂. But I was able to achieve RCE with CVE 2020-0796 #SMBGhost. pic.twitter.com/mvQ0YQt9GT (June 1, 2020)
Even though this was patched in March, a user on Twitter recently posted a proof-of-concept exploit to GitHub that allows an attacker to execute malicious code remotely, along with a video showcasing the exploit. This code has been used in the wild to attack Windows 10 PCs that have not been patched recently.
"Although Microsoft disclosed and provided updates for this vulnerability in March 2020, malicious cyber actors are targeting unpatched systems with the new PoC, according to recent open-source reports. CISA strongly recommends using a firewall to block SMB ports from the internet and to apply patches to critical- and high-severity vulnerabilities as soon as possible," CISA said.
If you have not run Windows Update in a while, you should do so right now, to ensure you have the patch installed. You could also apply the May 2020 Update for Windows 10 (version 2004) if you have been putting that off, as this does not affect the latest release. Just be sure to back up your important files first in case something goes wrong.
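CISA's two recommendations above (keep SMB off the internet, stay patched) can be checked on the PC itself. The PowerShell below is an added example, not code from the article or from CISA; it assumes the Windows Firewall "Public" profile stands in for internet exposure, and the function names and the rule display name are hypothetical.

```powershell
# Added example, not from the article. Run in an elevated PowerShell on Windows 10.
# Assumption: the Public firewall profile stands in for "the internet".
$applyBlock = $false   # set to $true to create the block rule

function Get-ExposedSmbRule {
    # Enabled inbound Allow rules that name TCP 445 and apply on Public networks.
    # Rules that reach 445 only through a port range or "Any" are not matched.
    Get-NetFirewallPortFilter -Protocol TCP |
        Where-Object { @($_.LocalPort) -contains '445' } |
        Get-NetFirewallRule |
        Where-Object {
            $_.Direction -eq 'Inbound' -and $_.Enabled -eq 'True' -and
            $_.Action -eq 'Allow' -and $_.Profile.ToString() -match 'Any|Public'
        }
}

function Add-SmbPublicBlock {
    # Block rules take precedence over Allow rules in Windows Firewall.
    $name = 'Block inbound SMB on Public profile (example)'   # hypothetical name
    if (-not (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $name -Direction Inbound -Protocol TCP `
            -LocalPort 445 -Profile Public -Action Block | Out-Null
    }
}

function Test-UpdatePredatesFix {
    # The article dates the fix to March 2020. If the newest installed update is
    # older than that, the patch cannot be present. A newer date proves nothing
    # by itself, so Windows Update should still be run.
    $latest = Get-HotFix | Where-Object InstalledOn |
        Sort-Object InstalledOn -Descending | Select-Object -First 1
    [pscustomobject]@{
        LatestUpdate = $latest.HotFixID
        InstalledOn  = $latest.InstalledOn
        PredatesFix  = [bool]($latest -and $latest.InstalledOn -lt [datetime]'2020-03-01')
    }
}

$exposed = @(Get-ExposedSmbRule)
if ($exposed.Count -gt 0) {
    Write-Warning "$($exposed.Count) rule(s) allow inbound TCP 445 on Public networks:"
    $exposed | Format-Table DisplayName, Profile -AutoSize
    if ($applyBlock) { Add-SmbPublicBlock }
} else {
    Write-Output 'No enabled rule explicitly allows inbound TCP 445 on Public networks.'
}
Test-UpdatePredatesFix | Format-List
```

A host rule like this complements blocking SMB at the router or perimeter firewall and does not replace it. It also stops file and printer sharing on networks Windows classifies as Public.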
Paul has been playing PC games and raking his knuckles on computer hardware since the Commodore 64. He does not have any tattoos, but thinks it would be cool to get one that reads LOAD"*",8,1. In his off time, he rides motorcycles and wrestles alligators (only one of those is true).


