Old Windows security flaw resurfaces to steal your login

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • PCHF IT Feeds
    PCHF Bot
    • Jan 2015
    • 54585
    #1

    Old Windows security flaw resurfaces to steal your login

    http://cdn.mos.techradar.com/art/software/Windows/windows_81_rtm/desktop-470-75.jpg

    Security firm Cylance uncovered a security flaw that leaves any device running Windows 8.1 or earlier vulnerable. The Windows vulnerability exposes the user’s Windows username and password automatically when a user clicks on a malicious link or URL.

    Dubbed “Redirect to SMB,” the vulnerability is a variant of a flaw discovered by researcher Aaron Spangler in 1997. Cyclance claims that the flaw was never patched by Microsoft, and the new hack targets the SMB file sharing protocol.

    When a victim enters a URL that starts with ‘file://’ or clicks on a malicious link, Windows is tricked into believing that the user is trying to access a file on a server. Because of this flaw, Windows will try to authenticate itself on the server, revealing the user’s login credentials.

    Although the username is exposed, the password is encrypted. However, Cyclance claims that any hacker with a high-end GPU can decode the encryption. Cracking an eight-character password can be done in less than half a day.

    Microsoft’s response

    Microsoft officials are downplaying the seriousness of the threat, stating that multiple things have to happen to create the perfect storm.

    “We don’t agree with Cylance’s claims of a new attack type. Cybercriminals continue to be engaged in a number of nefarious tactics,” a Microsoft spokesperson told CNET. “However, several factors would need to come together for this type of cyberattack to work, such as success in luring a person to enter information into a fake website. We encourage people to avoid opening links in emails from senders that they don’t recognize or visiting unsecure sites.”

    Microsoft has not stated if or when a patch would arrive.

    Cyclance claims that 31 programs are susceptible to the SMB flaw, including commonly used software like the preloaded Internet Explorer browser as well as Microsoft Excel 2010, Adobe Acrobat Reader and even Symantec’s Norton Security Scan.

    [ul]
    [li]Read our Windows 10 review[/li][/ul]
    http://rss.feedsportal.com/c/669/f/415074/s/455cd459/sc/15/mf.gif


    [URL unfurl="true"]http://da.feedsportal.com/r/224851494940/u/49/f/415074/c/669/s/455cd459/sc/15/rc/1/rc.img[/URL]
    [URL unfurl="true"]http://da.feedsportal.com/r/224851494940/u/49/f/415074/c/669/s/455cd459/sc/15/rc/2/rc.img[/URL]
    [URL unfurl="true"]http://da.feedsportal.com/r/224851494940/u/49/f/415074/c/669/s/455cd459/sc/15/rc/3/rc.img[/URL]

    [URL unfurl="true"]http://da.feedsportal.com/r/224851494940/u/49/f/415074/c/669/s/455cd459/sc/15/a2.img[/URL]http://pi.feedsportal.com/r/22485149...~4/j43No6aItDA

    Continue reading…
    Tags: None
    Previous template Next
    Working...

      We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, personalize advertising, and to analyze site activity. We may share certain information about our users with our advertising and analytics partners. For additional details, refer to our Privacy Policy.

      By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also acknowledge that this forum may be hosted outside your country and you consent to the collection, storage, and processing of your data in the country where this forum is hosted.

      I Agree