Microsoft has released a security update for Windows 10 to cover a very dangerous security flaw. Here's what to do
Just a few days ago, on March 10, 2020, Microsoft released a giant security update that was going to fix as many as 115 flaws discovered in the past few months. But, apparently, downloading and installing this cumulative update is still not enough to protect our PCs: another one has just arrived.
This new update fixes a serious vulnerability in Microsoft Server Message Block (SMB), a component of the operating system used for file sharing within corporate networks. This vulnerability, classified as CVE-2020-0796, had been known about for some time, and security experts jumped out of their chairs when they saw that it was not among the 115 vulnerabilities patched with the March 10 update. Microsoft, therefore, had to jump to the rescue by releasing an emergency patch specifically for the bug in SMB, which is now available for download and installation via Windows Update.
Windows 10, how the wormable vulnerability works
Technically, the bug in SMB is called a "wormable," meaning it can be used by hackers to spread a worm. Worms are special malware capable of self-replication: when infecting a computer, the worm automatically starts with the machine and tries hard to get out of the PC to infect others. Microsoft Message Block could become one of the ways used by an eventual worm to spread.
Let's not forget, then, that SMB has already been used by cyber criminals to spread very dangerous viruses like the famous WannaCry that spread on a large scale in 2017. WannaCry, in turn, was a "ransomware" type virus: it encrypted all the data on the infected computer's hard drive and then demanded a ransom to decrypt it.
How to install Microsoft's patch
Microsoft has released the patch for this serious vulnerability in SMB through the mandatory security update KB4551762. The update is automatically downloaded from Windows Update, unless the system settings for downloading upgrades have been changed. In this case you may see a pending download warning in Windows Update for "Cumulative Update for Windows 10 Version 1909 for x64-based systems (KB4551762)". It is important to perform the download now and let Windows Update install it and reboot the operating system.