Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?


Endpoint Security

Users Complain About Windows Update That Patches SMBGhost Vulnerability

Some users have complained that the Windows security update released recently by Microsoft to patch a wormable vulnerability related to Server Message Block 3.0 (SMBv3) is causing problems.

Some users have complained that the Windows security update released recently by Microsoft to patch a wormable vulnerability related to Server Message Block 3.0 (SMBv3) is causing problems.

Microsoft released an out-of-band update for Windows 10 and Windows Server on March 12 to fix CVE-2020-0796, a vulnerability that can allow an unauthenticated attacker to execute arbitrary code on SMB servers and clients.

However, some users have complained on Reddit, Microsoft forums and other websites that the update, KB4551762, has been causing problems. Some say they cannot install the update, while others who did install it claim their PC fails to boot, it crashes, it’s significantly slower than before, or many applications don’t work.

SecurityWeek has reached out to Microsoft to find out what is being done to address these issues and will update this article if the company responds.

The vulnerability, named by some SMBGhost and CoronaBlue, can be used to attack SMB servers by sending them specially crafted packets. It can also be exploited to attack clients by getting the targeted user to connect to a malicious server.

Several proof-of-concept (PoC) exploits that cause a DoS condition and several open source tools that can be used to scan systems for the presence of the vulnerability have been made public.

Since the flaw is likely to be exploited in attacks in the upcoming period, users have been advised to install the available updates as soon as possible, or at least apply mitigations. Several cybersecurity solutions providers have already pushed out updates to their products to block potential attacks.

Advertisement. Scroll to continue reading.

Related: Microsoft Pulls UEFI-Related Windows Update After Users Report Problems

Related: Symantec Endpoint Protection Update Causes Many Devices to Crash

Related: Users Unable to Log on to Windows Due to McAfee Update

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.