Microsoft issued an advisory warning Windows users of a new critical, unpatched, and wormable vulnerability affecting network communication protocol. The yet-to-be patched flaw (tracked as), if exploited successfully, could allow an attacker to execute arbitrary code on the target SMB Server or SMB Client. Microsoft urged users to disable SMBv3 compression and block TCP port 445 on firewalls and client computers as a workaround. Despite the severity of the bug, there’s no evidence that it’s being exploited in the wild.
Source: https://thehackernews.com/2020/03/smbv3-wormable-vulnerability.html