![\"\"](\"https:\/\/icrowdnewswire.com\/wp-content\/uploads\/2020\/06\/4001-logo-95.png\"){kind=logo}
<\/p>\n<\/p>\n
![\"Microsoft](\"https:\/\/techcrunch.com\/wp-content\/uploads\/2020\/06\/GettyImages-482300528.jpg?w=730&crop=1\")
<\/p>\n
Homeland Security’s cybersecurity advisory unit is warning Windows 10 users to make sure that their systems are fully patched, after exploit code for a “wormable” bug was published online last week.<\/p>\n
The code takes advantage of a security vulnerability patched by Microsoft <\/a> back in March<\/a>. The bug caused confusion and concern after details of the “critical”-rated bug were initially published but quickly pulled offline<\/a>.<\/p>\n The exploit code, known as SMBGhost, exploits a bug in the server message block — or SMB — component that lets Windows talk with other devices, like printers and file servers. Once exploited, the bug gives the attacker unfettered access to a Windows computer to run malicious code, like malware or ransomware, remotely from the internet.<\/p>\n Worse, because the code is “wormable,” it can spread across networks, similar to how the NotPetya<\/a> and WannaCry ransomware attacks<\/a> spread across the world, causing billions of dollars in damage.<\/p>\n Even though Microsoft published a patch months ago, tens of thousands of internet-facing computers are still vulnerable, prompting the advisory.<\/p>\n In the advisory, Homeland Security’s Cybersecurity and Infrastructure Security Agency said hackers are “targeting unpatched systems” using the new code, and advise users to install updates immediately.<\/p>\n The researcher who published the code, a GitHub <\/a> user who goes by the handle Chompie1337<\/a>, said by their own admittance that their proof-of-concept code was “written quickly and needs some work to be more reliable,” but warned that the code, if used maliciously, could cause considerable damage.<\/p>\n “Using this for any purpose other than self education is an extremely bad idea. Your computer will burst in flames. Puppies will die,” said the researcher.<\/p>\n If you haven’t updated Windows recently, now would be a good time.<\/p>\n https:\/\/techcrunch.com\/2020\/03\/12\/microsoft-releases-emergency-patch-for-leaked-windows-10-security-bug\/<\/a><\/p>\n <\/p>\n Tags:<\/b> Zack Whittaker<\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"See Campaign: <\/strong>https:\/\/crunchbase.com\/organization\/microsoft<\/a>
Contact Information:<\/b>
Zack Whittaker<\/p>\n
<\/a>, Wire<\/a>, United States<\/a>, English<\/a><\/p>\n<\/div>\n
\nContact Information:<\/h3>\n
Homeland Security’s cybersecurity advisory unit is warning Windows 10 users to make sure that their systems are fully patched, after exploit code for a “wormable” bug was published online last week. The code takes advantage of a security vulnerability patched by Microsoft back in March. The bug caused confusion and concern after details of the “critical”-rated bug were initially … Continue reading Homeland Security warns over ‘wormable’ Windows 10 bug<\/span><\/a> Continue Reading