Microsoft Won't Patch 20-Year-Old SMBv1 Vulnerability

PSA: anyone who hasn’t already disabled SMBv1 may want to do just that, as another vulnerability has been found by security researchers at RiskSense: “SMBLoris” can lead to DoS attacks affecting every version of the SMB protocol and all versions of Windows since Windows 2000. Microsoft isn’t bothering to patch it, as they plan to remove the SMBv1 protocol in the Windows 10 Fall Creators Update, but everyone running older versions of Windows will remain affected.

RiskSense discovered the SMB vulnerability while analyzing EternalBlue, the leaked SMB exploit used in the recent ransomware attacks. They disclosed the security flaw to Microsoft in June, but the company said that it won’t fix it. “The case offers no serious security implications and we do not plan to address it with a security update,” a Microsoft spokesperson told Threatpost. “For enterprise customers who may be concerned, we recommend they consider blocking access from the internet to SMBv1.”
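The two mitigations the article mentions (disabling SMBv1 on the host, and blocking SMB from the internet) can be done from an elevated PowerShell session. The script below is an added example written for this page, not code from the article, RiskSense or Microsoft. It assumes Windows 8.1 / Server 2012 R2 or later with the built-in SmbShare, DISM and NetSecurity modules; the firewall rule name is a made-up label.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the article): audit SMBv1 use, disable the SMBv1 server,
# and block inbound SMB (TCP 445) from the Internet, as the article recommends.
# Assumes Windows 8.1 / Server 2012 R2 or later, run from an elevated session.

# 1. Audit: is the SMBv1 server component enabled?
$cfg = Get-SmbServerConfiguration
"SMBv1 server enabled: $($cfg.EnableSMB1Protocol)"

# Clients still negotiating an SMB 1.x dialect would lose access once SMBv1 is
# removed, so list them before making the change (Dialect is a version string).
Get-SmbSession |
    Where-Object { [version]$_.Dialect -lt [version]'2.0' } |
    Select-Object ClientComputerName, ClientUserName, Dialect |
    Format-Table -AutoSize

# Windows 8.1/10 and Server 2012 R2+ also expose SMBv1 as an optional feature.
$feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
"SMB1Protocol feature state: $($feature.State)"

# 2. Mitigate on the host: turn the SMBv1 server off and remove the feature.
if ($cfg.EnableSMB1Protocol) {
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
}
if ($feature.State -eq 'Enabled') {
    # -NoRestart defers the reboot; removal completes after the next restart.
    Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart
}

# 3. Mitigate on the network: block inbound SMB from non-local addresses.
# The 'Internet' keyword matches any remote address that is not on a local subnet,
# so file sharing on the LAN keeps working while exposure to the internet is closed.
$ruleName = 'Block inbound SMB (TCP 445) from Internet'   # constructed label
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP `
        -LocalPort 445 -RemoteAddress Internet -Action Block -Profile Any
}

# 4. Verify the end state.
(Get-SmbServerConfiguration).EnableSMB1Protocol
Get-NetFirewallRule -DisplayName $ruleName | Select-Object DisplayName, Enabled, Action
```

Run the audit part first on a representative server: the session listing shows whether any printers, NAS boxes or legacy applications still depend on SMBv1, which is the usual reason the protocol is left enabled. The firewall rule is a host-level backstop for the edge filtering Microsoft suggests; it does nothing for hosts whose 445/tcp is already reachable only from the LAN, and it does not replace a perimeter rule.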

Source: [H]ardOCP – Microsoft Won’t Patch 20-Year-Old SMBv1 Vulnerability