All Windows versions still vulnerable to 18 year old severe SMB flaw

New (although, it was discovered already  about 18 years ago) SMB security flaw affects all Windows versions, including Windows 7, Windows 8 and all new Microsoft Windows10. It can trigger data interception automatically and concerns have been increasing on the matter.

If you recall the late 90s, there was a serious vulnerability that had emerged bringing terror to Windows users. Internet Explorer and Microsoft could be penetrated and the personal information of users could be intercepted within a heartbeat, causing the computers to get connected to servers that were not legit or harmless.

A similar vulnerability has just been discovered by security experts at the firm Cylance, affecting all versions of Windows as it turns out. According to their recent blog post on the matter, the security firm professionals stress out that this vulnerability can have a tremendous impact on all Windows PCs and the vulnerability has been named Redirect to SMB: “Redirect to SMB is a way for attackers to steal valuable user credentials by hijacking communications with legitimate web servers via man-in-the-middle attacks, then sending them to malicious SMB (server message block) servers that force them to spit out the victim’s username, domain and hashed password.”

The most important thing for a hacker to benefit from, based on this flaw of security that has popped out, is of course the click on a bad link made by the Windows user. Once a user has done that (without him knowing, of course), hijacking is easily completed and the hell can break loose. Nevertheless, this is not the only way for a Windows user to experience such negative consequences. On the contrary, it is even possible for the hacking process to be launched simply by getting to ignite automated log-in requests. So, you can see that even without doing anything, the Windows user of any version can get in trouble.

It is interesting that the security vulnerability seems to be affecting the newest version of Windows, which has not yet been introduced to the public (Windows 10). In addition, it clearly influences software coming from dozens of well-esteemed companies (for example, Adobe, Apple, Box, Microsoft, Oracle and Symantec).

Microsoft has stated that the security hazard is not as grave as it has been presented by Cylance. According to their own point of view, the threat is not eminent: “Several factors would need to converge for a ‘man-in-the-middle’ cyberattack to occur. Our guidance was updated in a blog in 2009, to help address potential threats of this nature.” Apparently, the company highlights the importance of maintaining the proper security precautions and reassures Windows users that a cyber attack does not happen that easily.

On the subject, there has been a warning released by the CERT Unit of Carnegie Mellon University. The Software Engineering Institute has not yet determined a permanent solution to tackle with the problem. However, with the warning that they have issued, they aim to eliminate the threat step by step. You can have a look at what they have published here and take a glimpse at the various details related to the vulnerability.

Top/Featured Image: by Kristiyan Bogdanov – Own work – Licensed under CC BY-SA 3.0 via Wikimedia Commons

COMMENTS

WORDPRESS: 0
DISQUS: 0

All Windows versions still vulnerable to 18 year old severe SMB flaw

by Ali Qamar time to read: 2 min
0