Hello, welcome to the Friday, March 13th, 2020 edition of the Sansanet Storm Center's Stormcast.

My name is Johannes Ulrich.

And then I'm recording from Jacksonville, Florida.

Well, we got a patch from Microsoft.

Microsoft patched CVE 2020-0796.

That's the S&B version 3 compression issue just a couple days after it had its official patch Tuesday. So they must have fixed whatever sort of held

that patch back on the official patch Tuesday. Given that this is a remote code execution in the server

as well as in the client of current versions of Windows 10 and Windows server, this is something

that you should certainly patch. It is theoretically warmable, but it's nothing really to panic about. Now, we do

have a blog post that describes the flaw in details. There are proof of concert exploits out

there that will cause a blue screen of death, but that's about what we got so far, and it'll probably

be a while until there is more...

Probably it is a kernel stack overflow, and there are protections that are sort of built

in to Windows 10 and Windows server in recent versions that make exploitation of these vulnerabilities

quite difficult.

So why I don't say this will not get exploited, it'll probably be a while until we do see an exploit.

So try to get it patched.

I would say within the next couple weeks, the sooner the better.

There are also a couple scanners out there that you can use to check if you have any vulnerable

systems, but essentially if you have a recent version of Windows 10 Windows server, yes,

you're vulnerable, you should apply the patch.

If you don't want to apply the patch right now, then please apply the workaround,

...