Emergency patch for Windows 10

© iStock.

Thursday, Microsoft released a fix for a critical security flaw that allows attackers to remotely execute malicious code that can spread from one vulnerable machine to another without user interaction. The flaw, in version 3 of Microsoft’s implementation of the Server Message Block protocol, is only present in the 32- and 64-bit versions of Windows 10, 1903 and 1909. Although this vulnerability is difficult to exploit consistently, Microsoft and outside researchers consider it critical because it opens up large networks to attacks in which a single compromised machine can trigger a chain reaction that quickly infects all other Windows machines.

⇨ Ars Technica, Dan Goodin, “Microsoft delivers emergency patch to fix wormable Windows 10 flaw.”