top of page
  • Writer's pictureMarco Lam

Cybersecurity Alert Undisclosed critical Microsoft Windows vulnerability CVE-2020-0796 11 March 2020

Executive Summary

Microsoft has recently (10 March 2020) leaked the information of the upcoming patch, which affects only Windows 10 and Windows Server 2016 or maybe other newer versions.

This vulnerability affects Windows 10 and potential Windows Server 2016 and Windows Server 2019. It allows malicious users or hackers to enter the vulnerable servers and workstations to perform any action including malicious attack and ransomware and cybersecurity safe and constant. At the time of drafting this cybersecurity alert, Microsoft has withdrawn a previously leaked information of this cybersecurity vulnerability. The withdrawn information, however, provided only a partial picture and direction of their cybersecurity vulnerability research. As Microsoft plans to release a patch in the upcoming March patch update, that means this unpatched cybersecurity vulnerability is NOW at a zero-day (0day) state.

It is highly probable that the open nature of this 0day vulnerability will invite waves of 0day attacks in the coming few days before the official cybersecurity system patch is released. We strongly advice clients to review their current cybersecurity system configurations to prevent any such insidious attackers from entering your valued data assets.

By Mr. Windham Wong, OSCP, OSWE 

0 views0 comments

Comments


bottom of page