Redirect to SMB flaw affects all versions of Windows

Security researchers say they have uncovered a vulnerability in all versions of Microsoft’s Windows operating system that can enable attackers to control certain portions of a victim’s network traffic and snatch the user’s credentials.

Security firm Cylance named the vulnerability “Redirect to SMB.” Researchers from the company said it is similar to another flaw discovered in the late 1990s that took advantage of a weakness in Windows and the Internet Explorer browser which enabled attackers to fool Windows into signing on to server controlled by hackers.

“We’ve uncovered a new technique for stealing login credentials from any Windows PC, tablet or server, including one running previews of the yet-to-be-released Windows 10 operating system,” Brian Wallace, senior research engineer for Cylance, wrote in his blog. “Redirect to SMB is a way for attackers to steal vulnerable user credentials by hacking communications with legitimate Web servers via man-in-the-middle attacks then sending them to malicious SMB (server message block) servers that force them to spit out the victim’s username, domain and hashed passwords.”

He said software from at least 31 companies, including Adobe, Apple, Box, Microsoft, oracle and Symantec can be exploited by using the vulnerability.

Wallace said the vulnerability has so far only been recreated in the laboratory and has not been spotted in computers in the outside world.

Microsoft, however, said the threat is not that big. In an emailed statement to newswire company Reuter, the software company said it issued a security guidance to deal with this sort of threat in its Security Research and Defense blog back in 2009.

Windows also has some features such as Extended Protection for Authentication, which boosts the operating system’s ability to protect network connection credentials, Microsoft said.


Read more here


Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Nestor E. Arellano
Nestor E. Arellano
Toronto-based journalist specializing in technology and business news. Blogs and tweets on the latest tech trends and gadgets.

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now