{"id":3877,"date":"2020-06-11T04:17:43","date_gmt":"2020-06-11T04:17:43","guid":{"rendered":"https:\/\/www.affinite.fr\/index.php\/2020\/06\/11\/une-nouvelle-faille-extremement-dangereuse-affecte-un-protocole-essentiel-de-windows-10\/"},"modified":"2020-06-11T04:17:43","modified_gmt":"2020-06-11T04:17:43","slug":"une-nouvelle-faille-extremement-dangereuse-affecte-un-protocole-essentiel-de-windows-10","status":"publish","type":"post","link":"https:\/\/www.affinite.fr\/index.php\/2020\/06\/11\/une-nouvelle-faille-extremement-dangereuse-affecte-un-protocole-essentiel-de-windows-10\/","title":{"rendered":"Une nouvelle faille extr\u00eamement dangereuse affecte un protocole essentiel de Windows 10"},"content":{"rendered":"<p> [ad_1]<br \/>\n<br \/><img decoding=\"async\" src=\"https:\/\/img.bfmtv.com\/i\/0\/0\/234\/cd724b87a645df14aada3be97b6ad.jpg\" \/><\/p>\n<div itemprop=\"articleBody\">\n<p>Les chercheurs en s\u00e9curit\u00e9 de ZecOps ont d\u00e9couvert une nouvelle faille de s\u00e9curit\u00e9 (CVE-2020-1206) dans le protocole\u00a0SMBv3 (Server Message Block) de Windows\u00a010 versions 1903, 1909 et 2004.<br \/>Baptis\u00e9e SMBleed, elle permet de siphonner \u00e0 distance la m\u00e9moire du kernel par l\u2019envoi d\u2019un message v\u00e9rol\u00e9 sur un r\u00e9pertoire de fichiers partag\u00e9, \u00e0 condition d\u2019y avoir acc\u00e8s. Microsoft a publi\u00e9 un patch \u00e0 l\u2019occasion de son dernier Patch Tuesday, le 9\u00a0juin.<\/p>\n<aside class=\"bg-color-0 padding-inside-all-s bloc border-s\">\n<h4 class=\"box-txt-normal\">\n<p><b>A d\u00e9couvrir aussi en vid\u00e9o<\/b><\/p>\n<\/h4>\n<\/aside>\n<p>Mais ce n\u2019est pas tout. Le principal danger de SMBleed est qu\u2019il permet de mieux exploiter SMBGhost, une faille critique qui a \u00e9t\u00e9 trouv\u00e9e il y a trois mois dans la m\u00eame partie de code du protocole\u00a0SMBv3.<br \/>En associant les deux, il est possible de cr\u00e9er une attaque qui permet d\u2019ex\u00e9cuter du code arbitraire \u00e0 distance sur un PC et de r\u00e9aliser des infections de proche en proche (ver informatique). Un sc\u00e9nario catastrophe similaire \u00e0 WannaCry ou NotPetya que les chercheurs illustrent par une vid\u00e9o.<\/p>\n<p>\n            <center><iframe loading=\"lazy\" src=\"https:\/\/giphy.com\/embed\/m9Rz4PBU0kZFKp0mlg\" class=\"giphy-embed\" allowfullscreen=\"\" width=\"480\" height=\"308\" frameborder=\"0\"><\/iframe><\/center>\n    <\/p>\n<p>Les chercheurs de ZecOps ne sont pas les seuls \u00e0 avoir trouv\u00e9 un moyen d\u2019exploiter SMBGhost. Il y a quelques jours, un chercheur a mis en ligne une preuve de concept pour <a href=\"https:\/\/www.01net.com\/actualites\/windows10-il-est-grand-temps-d-installer-le-patch-pour-la-faille-smbghost-1929518.html\" target=\"_blank\" rel=\"noopener noreferrer\">une attaque similaire<\/a>, mais qui utilise d\u2019autres moyens. Bref, il est important de bien patcher son syst\u00e8me ou, si ce n\u2019est pas possible, de bloquer le port\u00a0445.<\/p>\n<p><strong>Source\u00a0<\/strong>: <a href=\"https:\/\/blog.zecops.com\/vulnerabilities\/smbleedingghost-writeup-chaining-smbleed-cve-2020-1206-with-smbghost\/\" target=\"_blank\" rel=\"noopener noreferrer\">ZecOps<\/a><\/p>\n<\/p><\/div>\n<p><script>\n         !function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function()\n         {n.callMethod? n.callMethod.apply(n,arguments):n.queue.push(arguments)}\n         ;if(!f._fbq)f._fbq=n;\n             n.push=n;n.loaded=!0;n.version='2.0';n.queue=[];t=b.createElement(e);t.async=!0;\n             t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,\n                 document,'script','https:\/\/connect.facebook.net\/en_US\/fbevents.js');\n         fbq('init', '1065890633454496');\n         fbq('track', 'PageView');\n     <\/script><br \/>\n<br \/>[ad_2]<br \/>\n<br \/><a href=\"https:\/\/www.01net.com\/actualites\/une-nouvelle-faille-extremement-dangereuse-affecte-un-protocole-essentiel-de-windows-10-1930499.html\">Source link <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[ad_1] Les chercheurs en s\u00e9curit\u00e9 de ZecOps ont d\u00e9couvert une nouvelle faille de s\u00e9curit\u00e9 (CVE-2020-1206) dans le protocole\u00a0SMBv3 (Server Message &hellip; <a href=\"https:\/\/www.affinite.fr\/index.php\/2020\/06\/11\/une-nouvelle-faille-extremement-dangereuse-affecte-un-protocole-essentiel-de-windows-10\/\" class=\"more-link\">Plus <span class=\"screen-reader-text\">Une nouvelle faille extr\u00eamement dangereuse affecte un protocole essentiel de Windows 10<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":3878,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_sitemap_exclude":false,"_sitemap_priority":"","_sitemap_frequency":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-3877","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tous"],"_links":{"self":[{"href":"https:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/posts\/3877"}],"collection":[{"href":"https:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/comments?post=3877"}],"version-history":[{"count":0,"href":"https:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/posts\/3877\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/media\/3878"}],"wp:attachment":[{"href":"https:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/media?parent=3877"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/categories?post=3877"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.affinite.fr\/index.php\/wp-json\/wp\/v2\/tags?post=3877"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}