Windows SMBv3 vulnerability CVE-2020-0796

SMBv3 vulnerability ADV200005

Microsoft announced a vulnerability in SMBv3 yesterday.

There is currently no patch available, however, a less effective workaround is offered.

Disable SMBv3 compression via registry

Set-ItemProperty -Path “HKLM: \ SYSTEM \ CurrentControlSet \ Services \ LanmanServer \ Parameters” DisableCompression -Type DWORD -Value 1 -Force

As soon as there is a patch, the compression should be reactivated.

Set-ItemProperty -Path “HKLM: \ SYSTEM \ CurrentControlSet \ Services \ LanmanServer \ Parameters” DisableCompression -Type DWORD -Value 0 -Force

A restart is not necessary, the change is immediately active.

Further information in the ADVs:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200005
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0796

Here is the patch to close the SMBv3 gap:

https://www.catalog.update.microsoft.com/Search.aspx?q=KB4551762

Before installing this, check whether the latest Servicing Stack Update (SSU) is installed!

https://docs.microsoft.com/de-de/windows/deployment/update/servicing-stack-updates

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001

Monitor certification body