CISA Warns Windows 10 Eternal Darkness Flaw Exploit

Two important Windows 10 news stories are about to land in your ears. One of them is about a USB-related that bug is causing issues with printers. In the other one, CISA has issued a warning that Windows 10 ‘External Darkness’ flaw is being exploited by attackers in the wild.

Windows 10 bug is breaking USB printers

According to a new support page, the issue sprouts when you switch off or disconnect a USB printer after shutting down your computer. When you restart your system later, Windows 10 won’t be able to detect the device or complete printing tasks.

Moreover, the corresponding USB printer port (e.g., USB001) doesn’t appear anywhere in the Windows printer settings. As a result, the system is not able to perform any tasks related to that particular printer.

For now, Microsoft suggests that a possible workaround for the Windows 10 USB printer issue is to connect the printer before you start your computer and live your life in peace.

The bug can be found in Windows 10 1903 and later versions, all the way up to recently released version 2004. Also, this is in addition to the list of already known Windows 10 2004 issues.

CISA warns against Windows 10 ‘Eternal Darkness’ exploits, patch now!

Now, let’s talk about the Windows 10 security flaw (CVE-2020-0796) that has raised the eyebrows, known as SMBGhost or Eternal Darkness. According to CISA, hackers are taking advantage of the flaw to target computers.

The SMBGhost flaw lies in the SMB 3.1.1 (Server Message Block) protocol used in Windows 10. It enables the sharing of resources such as printers, files, etc. on a network. Interestingly, SMB 3.1.1 was the same version that caught the interest of the infamous WannaCry ransomware.

If successfully exploited, an attacker could perform remote code execution and fulfill their evil intentions.

Earlier this month, a proof-of-concept showing the remote code execution was posted by a Twitter user.

CISA said in its advisory that it “is aware of publicly available and functional proof-of-concept (PoC) code that exploits CVE-2020-0796 in unpatched systems.”

It added that “malicious cyber actors are targeting unpatched systems with the new PoC, according to recent open-source reports.”

Hence, it recommends blocking SMB ports from the internet using a strong firewall and install the available security patches for critical vulnerabilities.

Microsoft released an out-of-band update in March to patch Eternal Darkness/SMBGhost flaw, yet, there could be systems that are still exposed. So, if you haven’t updated your computer, then you should do so now. However, if you’re already running the May 2020 Update, it’s not affected by the flaw.

via PCGamer

Aditya Tiwari
Aditya likes to cover topics related to Microsoft, Windows 10, and interesting gadgets. But when he is not working, you can find him binge-watching random videos on YouTube (after he has wasted an hour on Netflix trying to find a good show). Reach out at [email protected]