Name of the Vulnerable Software and Affected Versions:

Microsoft Windows versions prior to the fixed version, specifically versions 3.1.1 of the Microsoft Server Message Block (SMB) protocol, including Microsoft Windows 10 (1903, 1909) and Microsoft Windows Server.

Description:

A remote code execution vulnerability exists in the way the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. This vulnerability, also known as 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability', allows remote attackers to execute arbitrary code and affect the system. The issue is related to the incorrect handling of compression requests in the SMBv3 protocol. To mitigate the risk, it is recommended to disable SMB compression and block SMB ports (137, 139, 445) inbound and outbound.

Recommendations:

For Microsoft Windows 10 (1903, 1909) and Microsoft Windows Server, update to a version that includes the fix for this vulnerability.

As a temporary workaround, consider disabling SMB compression to prevent exploitation until a patch is available.

Restrict access to SMB ports (137, 139, 445) to minimize the risk of exploitation.