The cybersecurity advisory arm of the Department of Homeland Security (DHS) issued a warning on its website that “[M]alicious cyber actors are targeting unpatched systems” with new exploit code that could spread to millions of unpatched computers.
The exploit code, called SMBGhost, attacks a security vulnerability in the Server Message Block (SMB) protocol that Microsoft patched in March 2020. If the exploit succeeds, the bug gives the attacker full access to the computer to run malicious code remotely, and because it is a worm, it can spread across networks, similar to WannaCry and NotPetya. It is estimated that the code can cause millions of dollars of damage.
DHS strongly recommends that all Windows 10 users use “a firewall to block server message block ports from the internet and to apply patches to critical- and high-severity vulnerabilities as soon as possible.”
To do so, access Microsoft’s security guidance and guidance from US-CERT.