All Versions of Windows Affected by New SMB Flaw

Taking notice of vulnerabilities is absolutely crucial – and there’s one you need to pay attention to right now.

Redirect SMB

There’s a serious vulnerability in all supported versions of Windows that allows attacks to steal your credentials from valuable services.

The bug is related to the way Windows and other software handles some HTTP requests. Researchers are saying it affects a huge variety of apps including iTunes and Adobe Flash.

The Vulnerability

The problem is an extension of something known as Redirect to SMB. It’s a weakness that enables attackers to force victims to try to authenticate an attacker-controlled server. Basically, it’s a way for them to steal credentials by hijacking communications from legitimate web servers, then sending them into malicious SMB servers that force them to produce the victim’s username, domain, and password.

Who’s at Risk?

The Redirect to SMB not only affects all current versions of Windows, but also Flash, GitHub clients, Oracle software and many other security applications. What’s especially worrying is that once a hacker gains victim’s credentials, the passwords can be cracked offline.

It Works Quickly

On a Windows 8.1 laptop, more than 50 different HTTP connections were made after a restart – within just 5 minutes, most of those could be hijacked by an attacker. The sources of the connections range from OEM “update checks” to weather and news applications.

Experts worry that the vulnerability could be used as part of a multi-stage phishing attack. First, hackers exploit vulnerabilities, then after getting a user to click an email link, they take the attack further. Getting the user to log-in to a fake portal or download software to their machine.

Don’t fall victim to an attack or leave your network open to risk.

To get in contact with an IT team that will talk to you about these issues and help ensure you’re properly protected, contact LAN Infotech at sales@laninfotech.com or by phone at (954) 717-1990.

Fort Lauderdale Computer Networks
Network Services in Fort Lauderdale
Network Consulting in Fort Lauderdale
Fort Lauderdale Data Backup
Data Security Fort Lauderdale
 
Client Feedback

“Our experience working with LAN Infotech and its engineers has been very rewarding for our firm. We count on Lan Infotech’s team to engineer, maintain, coordinate and monitor our systems.”

—Ricardo Gonzalez-Rosa
IT Director
Katz Barron Squitero Faust
read more»

Featured IT Services Fort Lauderdale Articles

IT Consulting Advice for Fort Lauderdale: Taking Care of Your Employees Is Taking Care of Your Business!

Quid Pro Quo An IT consulting firm in Fort Lauderdale will usually advise that you get what you give. This is the core principle which defines most working relationships. The employer gives the em

Read more

Featured IT Services

IT Services Business Advice: Do You Really Need a Management Consultant in Fort Lauderdale?

Eliminate the Middleman IT services in Fort Lauderdale need not cost an arm and a leg to provide services your own organization could source internally. You want a consultation agency willing to he

Read more

Featured IT Services

Reasons Why IT Support in Fort Lauderdale is Necessary for Business Growth

IT support in Fort Lauderdale is turning out a necessity for most businesses. This can be pointed to the fact that embracing IT services helps to improve business productivity and efficiency. However,

Read more

Featured IT Services