RULE(RULE ID:714080)

Rule General Information
Release Date: 2020-06-09
Rule Name: SMBv1 Denial of Service Vulnerability (CVE-2020-1301)
Severity:
CVE ID:
Rule Protection Details
Description: A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'.The following products and versions are affected: Microsoft Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10, Windows Server 2008 SP2, Windows Server 2008 R2 SP1, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, Windows 10 version 1607, Windows 10 version 1709, Windows 10 version 1803, Windows 10 version 1809, Windows 10 version 1903, Windows 10 version 1909, Windows 10 version 2004, Windows Server version 1803, Windows Server version 1903, Windows Server version 1909, Windows Server 2004 version.
Impact: An attacker can launch a denial of service attack by exploiting the vulnerability successfully.
Affected OS: Windows
Reference: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1301
https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-1301
https://vigilance.fr/vulnerability/Windows-vulnerabilities-of-June-2020-32500
https://nvd.nist.gov/vuln/detail/CVE-2020-1301
Solutions
The vendors have released upgrade patches to fix vulnerabilities, please visit:
https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2020-1301