If this flaw remains unpatched, an ill-intentioned hacker could gain control over your system and wreak havoc on your PC.
Windows 10 update is causing serious problems for these users: Here’s the fixWindows 10 May update issues confirmed by Microsoft: What to doWindows 10 update causes Blue Screen of Death: How to avoid it
What does SMBGhost do?
SMBGhost is an exploit code that takes advantage of bugs in the SMB (Server Message Block), which is a network communication protocol that allows Windows to talk with other devices, such as file servers and printers. When an attacker exploits this flaw, the bug grants the hacker unauthorized access to a Windows computer. With this access, the hijacker can remotely infect the PC with malicious programs such as ransomware and malware. SMBGhost is “wormable.” This means it has the ability to spread from one vulnerable machine to another, which could cause billions of dollars in damage for corporate networks. The proof-of-concept SMBGhost exploit code was published by Github user Chompie1337. Chompie1337 admitted that the exploit was haphazardly written and is unreliable, but with a little more work from a more diligent hacker, the code could cause considerable damage. “Using this for any purpose other than self-education is an extremely bad idea. Your computer will burst in flames. Puppies will die,” Chompie1337 jokingly warned GitHub users.
Who is vulnerable to SMGhost?
Microsoft published a patch to fix this SMB issue in March, but a great number of Internet-connected computers are still unpatched and vulnerable to the Eternal Darkness attack. Many users have been holding off on updating their PCs due to Microsoft’s history of system-damaging patches, according to HotHardware. Windows users who have forgone upgrades are most susceptible to the Eternal Darkness flaw. That said, Microsoft wrote in a security advisory (opens in new tab) that the vulnerability exists in a new feature that was added to Windows 10 version 1903 (released on May 27), and, therefore, older versions of Windows aren’t in danger.
How to avoid Eternal Darkness
Homeland Security’s CISA issued an advisory, warning PC users that hackers are actively targeting unpatched systems using the SMBGhost exploit code. CISA urged users to install updates immediately. “Although Microsoft disclosed and provided updates for this vulnerability in March 2020, malicious cyber actors are targeting unpatched systems with the new [proof-of-concept], according to recent open-source reports. CISA strongly recommends using a firewall to block SMB ports from the internet and to apply patches to critical- and high-severity vulnerabilities as soon as possible,” CISA said. If you haven’t yet updated your Windows system yet, there’s no better time than now. However, we’re well aware of how unstable Windows updates can be, so make sure to back up your files – just in case.