On June 10, 2020 (Beijing time), Microsoft released its security update for June 2020, including patches for 129 vulnerabilities. The update covers multiple components and software, including Microsoft Windows, Internet Explorer (IE), Office, Microsoft Edge, and Windows Defender. 11 of the 128 Common Vulnerabilities and Exposures were officially marked as "Critical" by Microsoft, and 118 of them were marked as "Important".

In addition, the June security patches cover 23 remote code execution vulnerabilities, 5 denial-of-service vulnerabilities, 70 privilege escalation vulnerabilities, and 11 information disclosure vulnerabilities. Overall, the security patches largely resolve the vulnerabilities and bugs discovered in Windows this month. Among them, a PoC for the following vulnerability has been made public and has had a wide impact. It is recommended to fix it promptly.

About Vulnerability
CVE-2020-1301, Microsoft Windows SMB Server Remote Code Execution Vulnerability

The vulnerability is located in the SMBv1 driver; SMBv2 and SMBv3 are not affected. It is triggered because the SMBv1 driver does not fully validate the SI_COPYFILE structure when processing the FSCTL_SIS_COPYFILE request defined in the MS-FSCC protocol, resulting in an integer overflow. To exploit this vulnerability, an attacker must first pass SMB protocol authentication, which increases the difficulty. However, SMBv1 is deployed in all versions from Windows 7 to Windows 10, so the vulnerability has a wide range of impact. Attackers who successfully exploit this vulnerability can execute arbitrary code on the target host.

 
Reference
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1301

Timeline
June 9, 2020 Microsoft released a security bulletin on its website.
June 10, 2020 Sangfor FarSight Labs issued a vulnerability warning article.

1. Mitigation measures:
1) Use strong passwords for SMB protocol authentication to resist brute-force attacks.

2) Turn off SMBv1, which has many security issues, if it is not needed, and use SMBv2 or a higher protocol version instead. For how to turn off SMBv1 on each Windows version, refer to the solution officially recommended by Microsoft:

https://docs.microsoft.com/en-us/windows-server/storage/file-server/troubleshoot/detect-enable-and-disable-smbv1-v2-v3
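
The following script is an added example, not part of the original advisory or of Microsoft's guide. It reports whether the SMBv1 server is enabled on the local host, lists recent SMBv1 access events when auditing is on, and disables SMBv1 through either the SMB server cmdlets or the Windows 7 registry value. The function names Get-Smb1ServerState and Disable-Smb1Server are hypothetical helpers.

```powershell
# Added example. Run from an elevated PowerShell prompt.
# Get-Smb1ServerState and Disable-Smb1Server are hypothetical helper names.
$LanmanKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

function Get-Smb1ServerState {
    if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        # Windows 8 / Server 2012 and later: query the SMB server directly.
        $cfg = Get-SmbServerConfiguration
        return New-Object PSObject -Property @{
            Source  = 'SmbServerConfiguration'
            Enabled = [bool]$cfg.EnableSMB1Protocol
            Audited = [bool]$cfg.AuditSmb1Access   # missing on older builds, reads as $false
        }
    }
    # Windows 7 / Server 2008 R2: an absent SMB1 value means the default (enabled).
    $val = (Get-ItemProperty -Path $LanmanKey -Name SMB1 -ErrorAction SilentlyContinue).SMB1
    return New-Object PSObject -Property @{
        Source  = 'Registry'
        Enabled = ($null -eq $val) -or ($val -ne 0)
        Audited = $false
    }
}

function Disable-Smb1Server {
    if (Get-Command Set-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    } else {
        Set-ItemProperty -Path $LanmanKey -Name SMB1 -Type DWord -Value 0
        Write-Warning 'SMB1 registry value set to 0; restart the computer to apply.'
    }
}

$state = Get-Smb1ServerState
$state | Format-List Source, Enabled, Audited

if ($state.Enabled -and $state.Audited) {
    # Recent SMBv1 connections recorded in the SMB server audit log.
    Get-WinEvent -LogName 'Microsoft-Windows-SMBServer/Audit' -MaxEvents 20 -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, Message
}

# Uncomment once no required client depends on SMBv1:
# Disable-Smb1Server
```

On systems that support it, running Set-SmbServerConfiguration -AuditSmb1Access $true for a period before disabling shows which clients still connect over SMBv1.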

2. Official patch:
Microsoft has officially released security patches for the affected software. Users can download and install the security patch that corresponds to their system. Links:

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1301
