Windows 10 users have been urged once again to ensure their systems are updated with the latest security patches following the discovery of a dangerous new vulnerability.

The warning comes straight from US Homeland Security, whose cybersecurity advisory unit discovered exploit code for the “wormable” bug online.

The Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) is now urging all Windows 10 users to patch and update their systems immediately to ensure they stay safe from the vulnerability.

Wormable

Discovered in a GitHub post, the exploit code targets a known security flaw in the server message block tool that allows Windows to communicate with other devices, including items such as file servers and printers. 

Once deployed, the bug, known as SMBGhost, can allow an attacker complete access to the target computer to download and run malicious code remotely. As SMBGhost is “wormable,” this means it can then be spread to other devices connected to the same network, allowing it to spread fast.

Microsoft issued a patch to block the critical-rated flaw earlier this year, but the company caused confusion after its warnings and findings were taken offline shortly after being put up.

CISA warned that due to this discrepancy, thousands of connected PC and laptop devices could still be vulnerable, hence the urging for Windows users to update their systems immediately.

“CISA strongly recommends using a firewall to block SMB ports from the internet and to apply patches to critical- and high-severity vulnerabilities as soon as possible,” the body advised.

Via TechCrunch

Source Article