Homeland Security warns over ‘wormable’ Windows 10 bug
Homeland Security’s cybersecurity advisory unit is warning Windows 10 users to make sure that their systems are fully patched, after exploit code for a “wormable” bug was published online last week.
The code takes advantage of a security vulnerability patched by Microsoft back in March. The bug caused confusion and concern after details of the “critical”-rated bug were initially published but quickly pulled offline.
The exploit code, known as SMBGhost, exploits a bug in the server message block — or SMB — component that lets Windows talk with other devices, like printers and file servers. Once exploited, the bug gives the attacker unfettered access to a Windows computer to run malicious code, like malware or ransomware, remotely from the internet.
Worse, because the code is “wormable” it can spread across networks, similar to how the NotPetya and WannaCry ransomware attacks spread across the world, causing billions of dollars in damage.
Even though Microsoft published a patch months ago, tens of thousands of internet-facing computers are still vulnerable, prompting the advisory.
In the advisory, Homeland Security’s Cybersecurity and Infrastructure Security Agency said hackers are “targeting unpatched systems” using the new code and advise users to install updates immediately.
The researcher who published the code, a GitHub user who goes by the handle Chompie1337, said by their own admittance that their proof-of-concept code was “written quickly and needs some work to be more reliable,” but warned that the code, if used maliciously, could cause considerable damage.
“Using this for any purpose other than self education is an extremely bad idea. Your computer will burst in flames. Puppies will die,” said the researcher.
If you haven’t updated Windows recently, now would be a good time.
Homeland Security’s cybersecurity advisory unit is warning Windows 10 users to make sure that their systems are fully patched, after exploit code for a “wormable” bug was published online last week. The code takes advantage of a security vulnerability patched by Microsoft back in March. The bug caused confusion and…
