Описание
Windows SMB Client Security Feature Bypass Vulnerability
FAQ
What kind of security feature could be bypassed by successfully exploiting this vulnerability?
Guest fallback access in SMB2 is not disabled by default. Installing this security update will disable guest fallback access to enforce the operating system edition settings and Group Policy settings. Guest fallback behavior default will return matching previously documented settings.
Alternatively, customers can manually disable guest access by configuring this registry value:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters] "AllowInsecureGuestAuth"=dword:0
For more information on guest fallback access behaviors and default settings, refer to:
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Windows 10 Version 2004 for 32-bit Systems | ||
| Windows 10 Version 2004 for ARM64-based Systems | ||
| Windows 10 Version 2004 for x64-based Systems | ||
| Windows Server, version 2004 (Server Core installation) | ||
| Windows 10 Version 20H2 for 32-bit Systems | ||
| Windows 10 Version 20H2 for ARM64-based Systems | ||
| Windows Server, version 20H2 (Server Core Installation) |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
Windows SMB Client Security Feature Bypass Vulnerability
Windows SMB Client Security Feature Bypass Vulnerability
Уязвимость компонента SMB Client операционных систем Microsoft Windows, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
6.5 Medium
CVSS3