The zero-day memory corruption flaw resides in Vulnerability-related.DiscoverVulnerability the implementation of the SMB ( server message block ) network file sharing protocol that could allow a remote , unauthenticated attacker to crash systems with denial of service attack , which would then open them to more possible attacks . According to US-CERT , the vulnerability could also be exploited Vulnerability-related.DiscoverVulnerability to execute arbitrary code with Windows kernel privileges on vulnerable systems , but this has not been confirmed Vulnerability-related.DiscoverVulnerability right now by Microsoft . Without revealing Vulnerability-related.DiscoverVulnerability the actual scope of the vulnerability and the kind of threat the exploit poses , Microsoft has just downplayed Vulnerability-related.DiscoverVulnerability the severity of the issue , saying : `` Windows is the only platform with a customer commitment to investigate reported security issues , and proactively update impacted devices as soon as possible . We recommend customers use Windows 10 and the Microsoft Edge browser for the best protection . '' However , the proof-of-concept exploit code , Win10.py , has already been released Vulnerability-related.DiscoverVulnerability publicly for Windows 10 by security researcher Laurent Gaffie and does not require targets to use a browser . The memory corruption flaw resides in Vulnerability-related.DiscoverVulnerability the manner in which Windows handles SMB traffic that could be exploited Vulnerability-related.DiscoverVulnerability by attackers ; all they need is tricking victims to connect to a malicious SMB server , which could be easily done using clever social engineering tricks . `` In particular , Windows fails to properly handle a server response that contains too many bytes following the structure defined in the SMB2 TREE_CONNECT Response structure , '' CERT said in the advisory . `` By connecting to a malicious SMB server , a vulnerable Windows client system may crash ( BSOD ) in mrxsmb20.sys . '' Since the exploit code is now publicly available to everyone and there is no official patch from Microsoft , all Windows users are left open to potential attacks at this time . Until Microsoft patches Vulnerability-related.PatchVulnerability the memory corruption flaw ( most probably in the upcoming Windows update or out-of-band patch ) , Windows users can temporarily fix Vulnerability-related.PatchVulnerability the issue by blocking outbound SMB connections ( TCP ports 139 and 445 and UDP ports 137 and 138 ) from the local network to the WAN .