Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

New Redirect to SMB Flaw in all Windows versions including Windows 10


  • Please log in to reply
1 reply to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,561 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:08:09 AM

Posted 13 April 2015 - 05:53 PM

 

A critical Server Message Block (SMB) #VU672268 in all Windows version including Windows 10 allows potential hackers to steal sensitive login credentials

Security researchers at Cylance have discovered a serious vulnerability in all supported versions of Windows that can allow a potential hacker who has control of some portion of a victim’s network traffic to steal users’ credentials for valuable services.

Cylance researchers disclosed the vulnerability today on their website in which they said that their study is an extension to a similar research done by Aaron Spangler in 1997.

 

 

New Redirect to SMB Flaw in all Windows versions including Windows 10 allows hackers to steal login credentials

 

.



BC AdBot (Login to Remove)

 


#2 Kilroy

Kilroy

  • BC Advisor
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:04:09 PM

Posted 13 April 2015 - 09:08 PM

Please take a few moments to read what is necessary to exploit this.  SMB ports have been blocked by ISPs since the 90s, this was after people figured out that they could see the C: drive of everyone else on the network.

 

Other methods are a man in the middle attack.  If a man in the middle attack is happening on your home network that is a bigger problem.

 

The most likely attack is using a compromised network.  So, if you stay off of free public networks, or use appropriate safety, like a VPN, you should be fine.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users