Microsoft patches SMBv3 wormable bug that leaked earlier this week CVE-2020-079 KB4551762

Microsoft patches SMBv3 wormable bug that leaked earlier this week
https://www.zdnet.com/article/microsoft-patches-smbv3-wormable-bug-that-leaked-earlier-this-week/
"Emergency out-of-band fix for CVE-2020-0796 is now rolling out"

"The fix is available as KB4551762, an update for Windows 10, versions
1903 and 1909, and Windows Server 2019, versions 1903 and 1909."

"The bug allows attackers to connect to remote systems where the SMB
service is enabled and run malicious code with SYSTEM privileges,
allowing for remote takeovers of vulnerable systems."

See also:

o Details about new SMB wormable bug leak in Microsoft Patch Tuesday snafu
https://www.zdnet.com/article/details-about-new-smb-wormable-bug-leak-in-microsoft-patch-tuesday-snafu/
"SMB vulnerability is currently not patched, but now everyone knows
it's there"

o March 12, 2020¡XKB4551762 (OS Builds 18362.720 and 18363.720)
https://support.microsoft.com/en-us/help/4551762/windows-10-update-kb4551762
"1903-OS Build 18362.720 and 1909-OS Build 18363.720"

o We've just finished our first internet wide scan for CVE-2020-0796 and
have identified 48000 vulnerable hosts.
https://twitter.com/kryptoslogic/status/1238069159919063050

o ADV200005 | Microsoft Guidance for Disabling SMBv3 Compression
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/adv200005
"You can disable compression to block unauthenticated attackers from
exploiting the vulnerability against an SMBv3 Server with the PowerShell
command below.

Set-ItemProperty -Path
"HKLM:\SYSTEM\CurrentControlSet\Services\LanmanSer ver\Parameters"
DisableCompression -Type DWORD -Value 1 -Force"
--
Only 2 kinds of people are on Usenet: Those adding value & those who can't.