Which exploit targets CVE-2017-0144 in the SMB protocol?

Prepare for the WatchGuard Endpoint Security Essentials Test. Study with multiple choice questions, hints, and explanations. Boost your exam readiness now!

Multiple Choice

Which exploit targets CVE-2017-0144 in the SMB protocol?

Explanation:
CVE-2017-0144 is a remote code execution flaw in the SMBv1 server on Windows. EternalBlue is the exploit that takes advantage of this exact vulnerability by sending specially crafted SMB packets to a vulnerable machine, allowing an attacker to execute arbitrary code remotely and often spread laterally across a network. This vulnerability was exposed publicly during the WannaCry outbreak, and patches under MS17-010 mitigated it by disabling or removing vulnerable SMBv1 functionality. The other options point to different issues: BlueKeep targets a Remote Desktop Protocol flaw, Zerologon targets a Netlogon vulnerability, and DCSync is a credential-collection technique rather than an SMB remote-exploit.

CVE-2017-0144 is a remote code execution flaw in the SMBv1 server on Windows. EternalBlue is the exploit that takes advantage of this exact vulnerability by sending specially crafted SMB packets to a vulnerable machine, allowing an attacker to execute arbitrary code remotely and often spread laterally across a network. This vulnerability was exposed publicly during the WannaCry outbreak, and patches under MS17-010 mitigated it by disabling or removing vulnerable SMBv1 functionality. The other options point to different issues: BlueKeep targets a Remote Desktop Protocol flaw, Zerologon targets a Netlogon vulnerability, and DCSync is a credential-collection technique rather than an SMB remote-exploit.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy