ProductsLogo
LogoStudy Documents
LogoAI Grader
LogoAI Answer
LogoAI Code Checker
LogoPlagiarism Checker
LogoAI Paraphraser
LogoAI Quiz
LogoAI Detector
PricingBlogAbout Us
logo

CVE-2017-0144 Vulnerability

Verified

Added on  2023/06/07

|4
|666
|199
AI Summary
This paper highlights the reasons behind the occurrence of CVE-2017-0144 vulnerability in the Common Vulnerability and Exposure (CVE) catalogue. The measures that can be taken to prevent these attacks in the future are also described in the following paragraphs.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
Running head: CVE-2017-0144 VULNERABILITY
CVE-2017-0144 Vulnerability
Name of the Student
Name of the University
Author note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
1
CVE-2017-0144 VULNERABILITY
This paper highlights the reasons behind the occurrence of CVE-2017-0144
vulnerability in the Common Vulnerability and Exposure (CVE) catalogue. The following
paragraphs describe the role of CVE-2017-0144 in the EternalBlue exploit. The measures that
can be taken to prevent these attacks in the future are also described in the following
paragraphs.
Common Vulnerability and Exposure is a catalogue of several known security threats
that are divided into two categories- vulnerability and exposure. The vulnerability is any
mistake in the software code that allows an attacker to access the entire system or network
directly. However, exposure means indirect access to the system in case of any mistake in the
code. CVE-2017-0144 is vulnerability in the Microsoft Server Message Block 1.0 (SMBv1)
that is used by the ransom wares to infect systems or networks (Almukaynizi et al. 2017). It
exploits the vulnerability of Server Message Block (SMB) that affects the Microsoft
Windows System. The malicious code or software attempts to exploit the Server Message
Block vulnerability when it is introduced into the Microsoft Window System. The file on the
hard drive of the system is encrypted by a malicious software and it becomes inaccessible to
the authorised user of the system. These ransom wares are spread through malicious
attachments or other infected systems in the same Local Area Network (LAN).
EternalBlue is a term that describes the software vulnerability in the Operating
System of Microsoft. The EternaBlue vulnerability is performed by exploiting the Server
Message Block (SMB) of Microsoft version 1. SMB is a protocol for network file sharing
that makes applications on the same network capable of reading and writing to the data or
files on a computer. The EternalBlue vulnerability is denoted by CVE-2017-0144 in the
catalogue of Common Vulnerability and Exposure. It occurs when the specially crafted codes
or packets by the remote attackers are mishandled by the SMBv1 in the different versions of
Microsoft Windows, as it allows the attackers to run arbitrary codes on the target systems or
Document Page
2
CVE-2017-0144 VULNERABILITY
computers (Chaurasia 2018). The entire data or files of the systems that are connected to the
same server can be accessed by unauthorised users if the hackers send the specially designed
code to a Microsoft Server Message Block.
There are several measures that can be taken to reduce or eliminate the attacks in the
future. The impact of latent vulnerabilities can be reduced if the internal vulnerability
assessments are conducted to identify Microsoft Windows computer systems that are not
patched with MS17-010 and this patch is applied on the affected systems. The users are
required to update anti-malware software or endpoint protection tools to detect and remove
ransom wares. The organisations are required to conduct security awareness plans and give
them training about ransomware attacks. The users should not open attachments or links from
unknown or suspected sources.
It can be concluded from the above discussion that the CVE-2017-0144 is the
vulnerability in the Microsoft Server Message Block 1.0 (SMBv1) that is used by the hackers
to infect the target systems or computers. It can be reduced or eliminated by patching the
systems with MS17-010.
Document Page
3
CVE-2017-0144 VULNERABILITY
References:
Almukaynizi, M., Grimm, A., Nunes, E., Shakarian, J. and Shakarian, P., 2017. Predicting
cyber threats through the dynamics of user connectivity in darkweb and deepweb
forums. ACM Computational Social Science. ACM.
Chaurasia, R., 2018. Ransomware: The Cyber Extortionist. In Handbook of Research on
Information and Cyber Security in the Fourth Industrial Revolution (pp. 64-111). IGI Global.
1 out of 4
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

© 2024   |   Zucol Services PVT LTD   |   All rights reserved.