Computer security researchers from to security firm Cylance claim that they have uncovered a new vulnerability called Redirect to SMB in Microsoft Corp’s Windows operating system that could theoretically allow hackers to steal login credentials from hundreds of millions of PCs. This vulnerability is similar to one found in the late 1990s that took advantage of a weakness in Windows and Microsoft’s Internet Explorer browser which made it possible for attackers to trick Windows into signing on to a server controlled by hackers.
Although the possibility of an actual scenario occurring is very low, what makes Redirect to SMB unique is that it doesn’t rely on the ignorance of the PC user. Although more traditional infections require interaction from the user via a click of a rogue link, Cylance is adamant the vulnerability can be executed by intercepting the communication to a remote server In the latest variation of the technique, Cylance said users could be hacked without even clicking on a link, if attackers intercept automated requests to log on to a remote server issued by applications running in the background of a typical Windows machine, for example to check for software updates. The attack takes advantage of features in Windows Server Message Block, commonly known as SMB. The new variation, discovered by Cylance researcher Brian Wallace, has so far only been recreated in the laboratory and has not been seen on computers in the outside world.
Microsoft did acknowledge the vulnerability, but did not deem it as large of a threat as Cylance. According to Microsoft, there would be multiple factors necessary to create the “perfect storm” in order for the weakness to be exploited. Microsoft has also continuously updated and added security measures in Windows to negate this type of exploit.
“Several factors would need to converge for a ‘man-in-the-middle’ cyber attack to occur. Our guidance was updated in a Security Research and Defense blog in 2009, to help address potential threats of this nature, There are also features in Windows, such as Extended Protection for Authentication, which enhances existing defenses for handling network connection credentials.”
– Microsoft‘s emailed statement.
Microsoft does periodically issue updates for its entire supported OS. The updates should be installed and could be crucial in providing security for your PC. So next time you get pop up for security update, make sure you are done with the update.