Remote Code Execution in SMB v3: CVE-2020-0796

This has never happened before, and here we go again.

Microsoft has published information about an RCE vulnerability in the SMB protocol version 3.1.1 and higher. Systems running Windows 10 1903 and higher, including server editions, are affected.

According to current information, both SMBv3 clients and SMBv3 servers are affected. Exploitation of the vulnerability leads to remote code execution with Local System rights, which makes scenarios similar to WannaCry / EternalBlue possible.

There is no fix at the moment, but Microsoft has released recommendations:

1) Until the patch is released, disable SMB 3.0 compression on servers (PowerShell):

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" DisableCompression -Type DWORD -Value 1 -Force

2) There is no workaround for clients, so it is recommended to restrict SMB traffic to trusted networks using firewalls, including the one built into the OS.
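
To check that both recommendations are actually in place on a host, the following audit can be run in an elevated PowerShell session. It is an added example, not part of Microsoft's recommendations or the original article. The function names are hypothetical, and it assumes build 18362 corresponds to Windows 10 1903.

```powershell
# Added example: audit a host for the two workarounds described above.
# Assumption: OS build 18362 = Windows 10 1903, the first release the article lists as affected.
$FirstAffectedBuild = 18362
$ParamsKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

function Test-SmbCompressionDisabled {
    # True only when the DisableCompression value exists and is set to 1.
    $prop = Get-ItemProperty -Path $ParamsKey -Name DisableCompression -ErrorAction SilentlyContinue
    return ($null -ne $prop -and $prop.DisableCompression -eq 1)
}

function Get-UnrestrictedSmbRule {
    # Enabled inbound allow rules that cover TCP 445 and accept any remote address,
    # i.e. rules that do not limit SMB to trusted networks.
    # Port ranges such as '400-500' are not expanded here; review those by hand.
    Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow | Where-Object {
        $port = $_ | Get-NetFirewallPortFilter
        $addr = $_ | Get-NetFirewallAddressFilter
        ($port.Protocol -in 'TCP', 'Any') -and
        ($port.LocalPort -contains '445' -or $port.LocalPort -contains 'Any') -and
        ($addr.RemoteAddress -contains 'Any')
    }
}

function Get-SmbWorkaroundStatus {
    $build = [System.Environment]::OSVersion.Version.Build
    $openRules = @(Get-UnrestrictedSmbRule)
    [PSCustomObject]@{
        ComputerName        = $env:COMPUTERNAME
        OsBuild             = $build
        InAffectedRange     = ($build -ge $FirstAffectedBuild)
        CompressionDisabled = Test-SmbCompressionDisabled
        UnrestrictedSmbRule = $openRules.Count
        RuleNames           = ($openRules.DisplayName -join '; ')
    }
}

$status = Get-SmbWorkaroundStatus
$status | Format-List

# Flag hosts in the affected range where either workaround is missing.
if ($status.InAffectedRange -and
    (-not $status.CompressionDisabled -or $status.UnrestrictedSmbRule -gt 0)) {
    Write-Warning 'Host is in the affected build range and at least one workaround is not applied.'
}
```

The registry check only reflects the server-side setting. For clients, the firewall result is the only one of the two that matters.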

At the moment (03/11/2020, 10:00 p.m.), there is no information about the technical details of this vulnerability or about any cases of its exploitation.
