Windows Flaw Report Played Down By Microsoft

A report from Cylance revealed a Windows flaw that does not appear to trouble Microsoft. The flaw affects all Windows-powered PCs, tablet or servers using Windows 8.1 and earlier. The flaw may also affect the upcoming Windows 10 OS, as indicated on a blog post by the security research company.

The flaw was called "Redirect to SMB." The vulnerability is associated with an earlier Windows flaw that was discovered by Aaron Spangler in 1997. The flaw causes the operating system to provide the username and password of the Windows user to a server. Microsoft has yet to deal with the flaw.

The main issue in the flaw is the SMB or the server message block. It is a protocol that permits file sharing within a network. Companies normally use SMBs to share files from a Windows server throughout the entire network of the company.

Cylance revealed that the “Redirect to SMB” attack will require the word "file://" along with a URL to be typed in by users. Clicking on a malicious link will also trigger the attack. The flaw makes Windows think that the image link is an attempt to access a file on a server by the user. Due to this, the operating system will provide the credentials of the user.

Microsoft Headquarters - image credit: digitaltrends.com

Once the credentials are obtained by hackers, they will see an encrypted password. But, hackers using high-end graphics processing units can decipher 8-character passwords containing upper and lowercase letters and numbers within a day. While the severity of the flaw is up for debate, the issue has already existed for a number of years. Microsoft offered guidelines on how users can protect themselves from the flaw in 2009 through security advisories.

Microsoft played down the discovery of Cylance as it indicated that the Windows flaw was not new and there is little chance for anyone to fall victim to it.

A spokesperson from Microsoft said the company does not agree with the claims of Cylance on the flaw. While cybercriminals have continued to engage in numerous unlawful activities, a number of factors have to be present in order for an attack to occur, including luring users to type in important information into a fake website. The spokesperson added that users should avoid opening links in emails sent by someone they do not know as well as visiting unsecure websites.

Cylance revealed that thirty-one programs are affected by the flaw, including Excel and Internet Explorer2010. The same attack can also affect Apple Quick Time, the Norton Security Scan of Symantec and the Adobe Reader. The Windows flaw can also affect many applications that automatically check for updates online, according to the Carnegie Mellon University, which outlined the flaw recently.

Posted by George Daniels on Tuesday April 14 2015, 10:50 AM EDT. All trademarks acknowledged. Filed under Technology. Comments and Trackbacks closed. Follow responses: RSS 2.0