Microsoft released an out-of-band security update to address a remote code execution vulnerability in Microsoft Server Message Block 3.1.1 (SMBv3).
In the vulnerability (CVE-2020-0796), a remote attacker could exploit the issue to take control of an affected system. Two days prior to this release Microsoft issued its Patch Tuesday offering.
A remote code execution vulnerability exists in the way the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client.
To exploit the vulnerability against a server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against a client, an unauthenticated attacker would need to configure a malicious SMBv3 server and convince a user to connect to it.
The security update addresses the vulnerability by correcting how the SMBv3 protocol handles these specially crafted requests.