Windows 10 security alert - users warned over ‘wormable’ bug

US Homeland Security issues Windows 10 warning

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Windows 10users have been urged once again to ensure their systems are updated with the latest security patches following the discovery of a dangerous new vulnerability.

The warning comes straight from US Homeland Security, whose cybersecurity advisory unit discovered exploit code for the “wormable” bug online.

The Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) is now urging allWindows 10users to patch and update their systems immediately to ensure they stay safe from the vulnerability.

Wormable

Wormable

Discovered in a GitHub post, the exploit code targets a known security flaw in the server message block tool that allows Windows to communicate with other devices, including items such as file servers and printers.

Once deployed, the bug, known as SMBGhost, can allow an attacker complete access to the target computer to download and run malicious code remotely. As SMBGhost is “wormable,” this means it can then be spread to other devices connected to the same network, allowing it to spread fast.

Microsoftissued a patch to block thecritical-rated flaw earlier this year, but the company caused confusion after its warnings and findings were taken offline shortly after being put up.

CISA warned that due to this discrepancy, thousands of connected PC and laptop devices could still be vulnerable, hence the urging for Windows users to update their systems immediately.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

“CISA strongly recommends using a firewall to block SMB ports from the internet and to apply patches to critical- and high-severity vulnerabilities as soon as possible,” the bodyadvised.

ViaTechCrunch

Mike Moore is Deputy Editor at TechRadar Pro. He has worked as a B2B and B2C tech journalist for nearly a decade, including at one of the UK’s leading national newspapers and fellow Future title ITProPortal, and when he’s not keeping track of all the latest enterprise and workplace trends, can most likely be found watching, following or taking part in some kind of sport.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

How to turn off Meta AI