meta_pixel
Tapesearch Logo
Log in
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

ISC StormCast for Wednesday, June 10th 2020

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS ISC Handlers

Tech News, News, Technology

4.9696 Ratings

🗓️ 10 June 2020

⏱️ 6 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Microsoft Patch Day; SMBleed; Adobe Patches; Intel Patches

Transcript

Click on a timestamp to play from that location

0:00.0

Hello, welcome to the Wednesday, June 10th, 2020 edition of the Sansanet Storm Center's Stormcast.

0:07.0

My name is Johannes Ulrich, and today I'm recording from Jacksonville, Florida.

0:12.3

Well, today, of course, top of the news, Microsoft's patch Tuesday, the gut patches for a total of 129 different vulnerabilities.

0:21.6

11 of them were rated critical and the remaining 118 were rated important.

0:29.6

So overall, this looks kind of like an average patch Tuesday if it wouldn't be for CVE 2020 1206. This is an un-initialized kernel

0:43.1

memory read for SMB version 3 and has already been named by the Discover Secops

0:51.0

SM plead. So what's so bad about this? Well, essentially it allows you to read

0:58.0

arbitrary kernel memory and proof of concept exploit has already been released by SECOps.

1:07.0

Of course, earlier this year we had a well somewhat somewhat similar vulnerability that led to remote code execution, and that was SMB Ghost CVE 2020-0796.

1:19.6

Same function actually, both of these vulnerabilities only affect SMB version 3 and affect the compression feature in SMB version 3. SMB ghost, the earlier

1:33.0

vulnerability led to code execution, of course more severe in that sense, and well, we got

1:40.2

actually just a proof of concept exploit for this one last week.

1:45.6

The new vulnerability, SM Pleat, does leak kernel memory.

1:50.8

So in essence, it's a little bit like, of course, Heartbleed, the famous OpenSSL vulnerability,

1:57.6

but here we get kernel memory, not memory from a specific process.

2:02.6

So those two vulnerabilities actually sort of go together, because with SM pleat, you can leak

2:09.6

kernel memory, which then allows you to actually exploit SMB ghost.

2:15.6

And with exploits being available for both, that certainly isn't a good thing.

2:22.4

So what should you do about it? Well, first of all, I hope you plug port 445 on your parameter.

2:29.3

I keep saying this. And earlier today, when I sort of was commenting on the SMB ghost proof of concept

2:36.7

in NewsBite, that's of the one thing I again pointed out. Now, if you still have compression

2:43.8

disabled in SMB version 3, there was one of the workarounds for the SMB ghost vulnerability,

...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from SANS ISC Handlers, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of SANS ISC Handlers and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.

Copyright © Tapesearch 2025.