[Critical Security Alert] Windows SMB Service 0-day Vulnerability Alert
Posted Date 08/02/2017
Security researchers released a 20-year-old vulnerability on Windows systems at the 2017 DEF CON Hacker conference in Las Vegas, USA. The vulnerability, called "SMBloris," allows an attacker to easily use a short 20-line code to initiate a DoS attack that can deplete the system's memory resources. The vulnerability affects the SMBv1 protocol on Windows 2000 systems and above, and Microsoft officials said there is no plan to release a patch to fix the vulnerability. In order to ensure the security and stability of your systems running on Alibaba Cloud, we suggest you take steps to mitigate the threat. We recommend either of the following two approaches:
1. If you do not need to use network file sharing services, we recommend that you disable the SMB protocol（URL:https://blogs.technet.microsoft.com/filecab/2016/09/16/stop-using-smb1/).
2. Use Security Group Policy to prohibit access to port 445 from the internet.