From thehackernews.com
![](https://thehackernews.com/images/-31RfzSS3xQM/Xt-9Ggf-iMI/AAAAAAAAAbo/CAzBcgrMaUkcozaX_3-vN2Kqw-vCruNKwCLcBGAsYHQ/s728-e100/SMBleed-smb-vulnerability.jpg)
Cybersecurity researchers today uncovered a new critical vulnerability affecting the Server Message Block (SMB) protocol that could allow attackers to leak kernel memory remotely, and when combined with a previously disclosed “wormable” bug, the flaw can be exploited to achieve remote code execution attacks.
Dubbed “SMBleed” (CVE-2020-1206) by cybersecurity firm ZecOps, the flaw resides in SMB’s decompression function — the same function as with SMBGhost or EternalDarkness bug (CVE-2020-0796), which came to light three months ago, potentially opening vulnerable Windows systems to malware attacks that can propagate across networks.