The last I heard, Microsoft acknowledged it and promised a fix. I haven't seen it appear yet.
Are you saying that until they provide a fix, it is by definition a false problem, and only becomes a true problem after it's been fixed?
Only half-joking... :)
It's a true vulnerability. How big an issue is it? SMB is done mostly within the confines of a local network where attacks are mitigated by firewalls and such. So yeah, this is small compared to the SSL vulnerabilities, for example, because they are attackable over the internet.
As reported by cybersecurity experts Cylance, the best fix is to block traffic sent outbound from your computer through your software firewall or through your router, on TCP 139 and TCP 445. This will block SMB communication between your network and the Internet, and if the change is made on the network firewall, you will still be able to use SMB between devices on your local network. Our guide to the Windows Firewall explains how to create these rules in just a few seconds; for your router, you'll need to check the device documentation.
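As an added example (not part of the thread or the quoted guide), this is one way to create and check the outbound block on TCP 139 and 445 with the built-in Windows Firewall cmdlets. The rule name and the test host are assumptions; a rule on the computer itself also blocks SMB to devices on the local network, which is why the quoted advice prefers the network firewall when local shares are needed.

```powershell
# Run in an elevated PowerShell session on the Windows machine to protect.
$ruleName = 'Block outbound SMB (TCP 139/445)'   # constructed display name

# Create the rule only if it is missing, so re-running the script is harmless.
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName `
        -Direction Outbound -Action Block `
        -Protocol TCP -RemotePort 139, 445 `
        -Profile Any | Out-Null
}

# Check 1: the rule exists, is enabled, blocks, and covers both ports.
$rule   = Get-NetFirewallRule -DisplayName $ruleName
$filter = $rule | Get-NetFirewallPortFilter
[pscustomobject]@{
    Enabled    = $rule.Enabled
    Direction  = $rule.Direction
    Action     = $rule.Action
    Protocol   = $filter.Protocol
    RemotePort = $filter.RemotePort -join ','
}

# Check 2: an outbound connection attempt should now fail.
# Placeholder host: replace with a machine outside your network that you
# control and that listens on these ports, otherwise a failure proves nothing.
$testHost = 'smb-test.example.com'
foreach ($port in 139, 445) {
    $result = Test-NetConnection -ComputerName $testHost -Port $port `
        -WarningAction SilentlyContinue
    if ($result.TcpTestSucceeded) {
        Write-Warning "Outbound TCP $port to $testHost is still allowed."
    } else {
        Write-Output "Outbound TCP $port to $testHost did not connect."
    }
}
```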
Can you please distill into instructions suitable for sales reps like me (if you can even dumb it down that far)?
It’s not hard to slip SMB calls into web code. I agree that SMB is mostly an internal operation, but that doesn’t mean the bad guys won’t try to make your computer call to it with SMB.
I blocked SMB outbound on my firewall (pfSense is amazing), and I feel better knowing that vector can’t be exploited.
In theory you're absolutely right. However, the number of SMB shares available on the internet is absolutely astounding.