Which exploit name corresponds to a Windows SMB remote code execution vulnerability disclosed in 2017?

Prepare for the WatchGuard Endpoint Security Essentials Test. Study with multiple choice questions, hints, and explanations. Boost your exam readiness now!

Multiple Choice

Which exploit name corresponds to a Windows SMB remote code execution vulnerability disclosed in 2017?

Explanation:
The main idea is identifying a Windows SMB remote code execution vulnerability that was disclosed in 2017. EternalBlue fits this perfectly: it targets the SMBv1 service and allows remote execution of code on vulnerable Windows systems using crafted packets. It gained notoriety after being leaked in 2017 and was used in widespread outbreaks like WannaCry and NotPetya, which is why it’s the well-known 2017 SMB exploit. A patch exists (MS17-010) to fix this vulnerability. BlueKeep, by contrast, is an RDP-related vulnerability disclosed in 2019, not SMB. Zerologon is a separate Netlogon vulnerability disclosed in 2020. Code Injection is a generic term and not the specific 2017 SMB exploit name.

