Monday, 13 April 2015

‘New’ Windows SMB Vulnerability Affects All Software Versions But Microsoft Probably Won’t Patch It


A serious Windows vulnerability affecting all versions – including the Windows 10 preview – was recently discovered by a team of security researchers at Carnegie Mellon’s CERT Division. The issue, dubbed “Redirect to SMB” is what is known as a “zombie” vulnerability in that it is a newer version of an old bug discovered nearly 20 years ago. The Windows bug can allow an attacker to steal credentials such as usernames and passwords for numerous services inside Windows, as well as software form some 31 different companies – most notably, Adobe, Apple and Oracle. The bug has to do with how Windows and other software handle HTTP requests, and can affect some very popular programs such as iTunes and Adobe Flash.
The bug was disclosed on Monday by Cylance researchers who were sure to note it was an updated version of research by Aaron Spangler in 1997.
“Redirect to SMB is a way for attackers to steal valuable user credentials by hijacking communications with legitimate web servers via man-in-the-middle attacks, then sending them to malicious SMB (server message block) servers that force them to spit out the victim’s username, domain and hashed password,” wrote Brain Wallace of Cylance in a blog post Monday.

No comments:

Post a Comment