The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote malicious users to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft server_message_block 1.0 |
Windows zero day was exploited by Buckeye alongside Equation Group tools during 2016 attacks. Exploit and tools continued to be used after Buckeye's apparent disappearance in 2017.
Posted: 6 May, 20198 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinBuckeye: Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers LeakWindows zero day was exploited by Buckeye alongside Equation Group tools during 2016 attacks. Exploit and tools continued to be used after Buckeye's apparent disappearance in 2017.Key Findings The Buckeye attack group was using Equation Group tools to gain persistent ac...
Update, update, update. Plus: Flash, Struts, Drupal also make appearances Sadly, 111 in this story isn't binary. It's decimal. It's the number of security fixes emitted by Microsoft this week
Vulnerabilities in Microsoft Windows, Office, and Windows Server, for which patches have been available for years, continue to be the favorite target for hackers looking to spread malware. A list posted by US-CERT this week rattles off the 10 most oft-targeted security vulnerabilities during the past three years, and finds that, shock horror, for the most part, keeping up with patching will keep you safe. Microsoft ranks highly in the list because its software is widely used, and provides the mo...
Yep, vulns of WannaCry infamy. Why haven't you patched yet?
Hackers* have improved the reliability and potency of Server Message Block (SMB) exploits used to carry out the hard-hitting NotPetya ransomware attack last year. EternalBlue, EternalSynergy, EternalRomance and EternalChampion formed part of the arsenal of NSA-developed hacking tools that were leaked by the Shadow Brokers group before they were used (in part) to mount the devastating NotPetya cyber attack. The exploits – linked to the CVE-2017-0143 and CVE-2017-0146 Microsoft vulnerabilitie...
Epic fails and l33t pops celebrated by hackers
Black Hat The annual Pwnie Awards for serious security screw-ups saw hardly anyone collecting their prize at this year's ceremony in Las Vegas. That's not surprising: government officials, US spy agencies, and software makers aren’t usually in the mood to acknowledge their failures. The Pwnies give spray-painted pony statues to those who have either pulled off a great hack or failed epically. This year it was nation states that got a significant proportion of the prizes. The gongs are divided ...
EternalBlue now an eternal headache
Updated Workers at Telefónica's Madrid headquarters were left staring at their screen on Friday following a ransomware outbreak. Telefónica was one of several victims of a widespread file-encrypting ransomware outbreak, El Pais reports. Telefónica has confirmed the epidemic on its intranet while downplaying its seriousness, saying everything was under control. Fixed and mobile telephony services provided by the firm have not been affected. Other Spanish targets of the attack reportedly includ...