SMB Vulnerability Detected

karthikeyan natarajan 1 Reputation point
2021-11-11T17:34:26.157+00:00

i getting multiple times these type vulnerabilities repeatedly on external antivirus. exactly i don't know what i do. Kindly help on this to fix this issue or please explain on this.

Vulnerability Detected
SMB/EternalBlue.U
N!SP.34666

SMB/CVE-2017-014
7-EC.WIN!KP.1912

SMB/DOUBLEPULS
AR.WIN!KP.1911

Windows 10 Network
Windows 10 Network
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Network: A group of devices that communicate either wirelessly or via a physical connection.
2,384 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
3,000 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,902 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Limitless Technology 39,796 Reputation points
    2021-11-17T08:53:51.597+00:00

    Hello @karthikeyan natarajan ,

    Thank you for your question.

    Problem like this usually happens because of some recently installed application that contains some malicious script, I recommend you to check it.

    Also, sometimes antiviruses alert you of some false positives, that is, the idea of having a virus on the device, but that is actually a problem with the antivirus itself, so you need to check with them if there is any problem related to this false positive that appears for you.

    Additionally, I will suggest you to perform below steps.

    1. As these alerts for SMB 1 , Hence I will suggest you to disable SMB 1 protocol port from your PC or server if you are not using any applications which requires this port to be opened. Microsoft has also recommend to disable this SMB 1 as its legacy and Vulnerable.
    2. Update your virus definition Perform Full Virus scan .
    3. Update Windows to latest version.
    4. Cleanup below Temp folders
      C:\Windows\Temp
      %USERPROFILE%\AppData\Local\Temp
    5. Run Disk Cleanup from Select C:\ Drive from Properties- > General -> Disk Cleanup - >Cleanup system files

    ------------------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept as answer--

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.