Skip to main content

Dun dun dun! Eternal Darkness flaw threatens Windows 10 PCs: What to do

Windows 10 May 2020 Update
(Image credit: Microsoft)

Eternal Darkness, also known as SMBGhost, is a menacing, nasty flaw that threatens Windows PCs. The security risk is so concerning, it even caught the eye of the US Cybersecurity and Infrastructure Security Agency (CISA), PCGamer reported.

If this flaw remains unpatched, an ill-intentioned hacker could gain control over your system and wreak havoc on your PC.

What does SMBGhost do?

SMBGhost is an exploit code that takes advantage of bugs in the SMB (Server Message Block), which is a network communication protocol that allows Windows to talk with other devices, such as file servers and printers.

When an attacker exploits this flaw, the bug grants the hacker unauthorized access to a Windows computer. With this access, the hijacker can remotely infect the PC with malicious programs such as ransomware and malware. 

SMBGhost is "wormable." This means it has the ability to spread from one vulnerable machine to another, which could cause billions of dollars in damage for corporate networks. 

The proof-of-concept SMBGhost exploit code was published by Github user Chompie1337. Chompie1337 admitted that the exploit was haphazardly written and is unreliable, but with a little more work from a more diligent hacker, the code could cause considerable damage.

"Using this for any purpose other than self-education is an extremely bad idea. Your computer will burst in flames. Puppies will die," Chompie1337 jokingly warned GitHub users.

Who is vulnerable to SMGhost?

Microsoft published a patch to fix this SMB issue in March, but a great number of Internet-connected computers are still unpatched and vulnerable to the Eternal Darkness attack. 

Many users have been holding off on updating their PCs due to Microsoft's history of system-damaging patches, according to HotHardware. Windows users who have forgone upgrades are most susceptible to the Eternal Darkness flaw.

That said, Microsoft wrote in a security advisory that the vulnerability exists in a new feature that was added to Windows 10 version 1903 (released on May 27), and, therefore, older versions of Windows aren't in danger.

How to avoid Eternal Darkness

Homeland Security's CISA issued an advisory, warning PC users that hackers are actively targeting unpatched systems using the SMBGhost exploit code. CISA urged users to install updates immediately.

"Although Microsoft disclosed and provided updates for this vulnerability in March 2020, malicious cyber actors are targeting unpatched systems with the new [proof-of-concept], according to recent open-source reports. CISA strongly recommends using a firewall to block SMB ports from the internet and to apply patches to critical- and high-severity vulnerabilities as soon as possible," CISA said.

If you haven't yet updated your Windows system yet, there's no better time than now. However, we're well aware of how unstable Windows updates can be, so make sure to back up your files -- just in case.