After a "wormable" vulnerability in the Microsoft Server Message Block 3.0 (SMBv3) protocol was exposed as part of Patch Tuesday this week, Microsoft apparently kicked its efforts to fix the problem into overdrive and has a new patch out today for Windows 10 and Windows Server 2019 (via ZDNet).
Microsoft was already aware of the issue and working on a fix for a subsequent update, but the accidental publishing of the flaw caused them to move up the timetable for its release.
- Google stops scare tactics against Microsoft Edge — but the war isn't over
- Millions of Android phones and tablets vulnerable to attack: What to do
- Microsoft says 99.9% of accounts get hacked for this reason: How to protect yourself
The fact that Microsoft had this update ready to go within 48 hours of the vulnerability being exposed shows you how serious they felt it was so you should be sure to update Windows 10 as soon as possible if the update wasn't applied automatically.
In case you missed the news yesterday, the problem again was in the SMBv3 protocol which allows your users to share resources (files, printers, scanners, etc.) over the local network or the internet.
The flaw in question could have allowed an attacker to inject malicious code onto a connected system, which could then self-replicate across additional machines.
Researchers had already built proof-of-concept attacks based on the flaw, which was apparently trivial to identify given the knowledge that it existed, so again it's easy to see why Microsoft addressed this as quickly as possible.
