Microsoft’s June Update fixes High Severity issues
UAE’s Telecom Regulatory Authority (TRA) have issued an advisory to users and IT officials to install new security updates that was released by Microsoft in June.
Microsoft’s June month patches contains fixes for their several products including Windows, Office, Edge and Internet Explorer Browser. As per the TRA, the patches will fix the issues categorized as High Severity.
In a recent study came out that UAE is the 3rd most attractive target for Cyber Criminals. UAE residents, along with people in other countries such as Sweden, Norway and the US, are the most attractive targets for cybercriminals due to high per capita income and people spending more time online since the outbreak of the Covid-19 coronavirus.
The critical vulnerability was discovered, which was found to affect the Windows Server
Message Block (SMB) protocol. This vulnerability, called “SMBleed” – and having the tracking
number CVE-2020-1206 –, exists in the SMB protocol’s decompression function – which was also
found in the SMBGhost or EternalDarkness bug – and affects Windows 10 versions 1903 and
1909.
The vulnerability can allow attackers to leak kernel memory remotely. By chaining
this vulnerability with an older “wormable” bug – namely SMBGhost –, remote code execution
can be achieved.
As stated previously, the vulnerability exists in the decompression function – calledSrv2DecompressData – due to the way it handles specially crafted message requests – such as
SMB2 WRITE – that are sent to a targeted SMBv3 server. This handling can thus allow an attacker
to read uninitialized kernel memory and perform modifications to the compression function.