EternalBlue exploits a vulnerability in which Windows component?

Prepare for the Penetration Testing and Vulnerability Analysis Test with a range of challenging questions. Study with multiple choice format, hints, and detailed explanations to ace your next exam!

Multiple Choice

EternalBlue exploits a vulnerability in which Windows component?

Explanation:
EternalBlue targets the SMBv1 protocol used by Windows for network file and printer sharing. A flaw in the SMBv1 server allowed an attacker to send crafted network packets that could execute arbitrary code on the victim machine, enabling remote code execution and worm-like propagation. This vulnerability (CVE-2017-0143, patched by MS17-010) became infamous for rapid spread before patches were applied. The other Windows services listed are different components (WMI, DNS, RDP), but EternalBlue’s exploit is specific to SMBv1.

EternalBlue targets the SMBv1 protocol used by Windows for network file and printer sharing. A flaw in the SMBv1 server allowed an attacker to send crafted network packets that could execute arbitrary code on the victim machine, enabling remote code execution and worm-like propagation. This vulnerability (CVE-2017-0143, patched by MS17-010) became infamous for rapid spread before patches were applied. The other Windows services listed are different components (WMI, DNS, RDP), but EternalBlue’s exploit is specific to SMBv1.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy