18 Year Old Windows Flaw Exploited By Hackers to Steal Sensitive Info

Brian Wallace, a senior researcher at Cylance, spotted an 18-year-old security flaw that had quietly plagued Windows for ages. The flaw allows hackers to steal usernames and passwords from a wide range of Windows-based systems. Termed ‘Redirect to SMB’, the vulnerability redirects users to a malicious server, where their credentials are compromised.

In essence, hackers can mount a man-in-the-middle attack through which they can crack a user’s password. Cylance’s SPEAR research team has its own term for this: a ‘forever day’ vulnerability, a reference to how long it has persisted since its initial discovery in 1997 by researcher Aaron Spangler. Spangler noticed a security flaw in Internet Explorer that gave hackers the same capability using the Windows Server Message Block (SMB) protocol.

‘Redirect to SMB’ flaw affects at least 31 mainstream applications on Windows

The flaw Spangler discovered back in 1997 may have been restricted to Internet Explorer, but the more recently spotted ‘Redirect to SMB’ flaw affects a wide variety of apps on various versions of Windows. Among the at least 31 affected apps are iTunes, Adobe Reader, Norton Security Scan and Box. Wallace explains that if a user were to connect to free, unsecured wifi on a Windows laptop in a coffee shop, a hacker in the vicinity could steal that user’s credentials for any of the vulnerable apps in use at the time.
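The redirect the article describes is something a proxy or IDS can watch for. As an added example, not code from Cylance or the article, the following flags HTTP 3xx responses whose Location would make a Windows client open an SMB connection (a file:// URL or a \\host\share UNC path) to a host outside a trusted list; the log format, client addresses and hostnames are constructed for the example.

```python
import re
from urllib.parse import urlparse

# Constructed sample of HTTP response records (status + Location header) in the
# form a proxy might log them; all hosts and addresses are placeholders.
SAMPLE_LOG = """\
client=10.0.0.12 status=302 location=https://updates.example/feed.xml
client=10.0.0.12 status=302 location=file://203.0.113.9/share/update.exe
client=10.0.0.17 status=301 location=\\\\203.0.113.9\\share\\x
client=10.0.0.17 status=200 location=-
client=10.0.0.21 status=307 location=file://fileserver.corp.example/pub/x
"""

LINE_RE = re.compile(r"client=(\S+) status=(\d{3}) location=(\S+)")
UNC_RE = re.compile(r"^\\\\([^\\]+)")  # \\host\share... -> host


def smb_target(location):
    """Return the host an SMB connection would be made to, or None.

    Windows resolves both file:// URLs and \\host\share UNC paths over SMB,
    so either form in a redirect target is what Redirect to SMB relies on.
    """
    m = UNC_RE.match(location)
    if m:
        return m.group(1)
    if location.lower().startswith("file://"):
        return urlparse(location).hostname
    return None


def redirect_to_smb_events(log, trusted_hosts=()):
    """Return (client, smb_host) pairs for every 3xx redirect whose target
    would send the client to an SMB host not on the trusted list."""
    trusted = {h.lower() for h in trusted_hosts}
    events = []
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        client, status, location = m.groups()
        if not status.startswith("3"):
            continue  # only redirects matter here
        host = smb_target(location)
        if host and host.lower() not in trusted:
            events.append((client, host))
    return events
```

Redirects to an internal file server on the trusted list are left alone, so the output is only the redirects that would push a client's credentials to an outside host.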

Wallace was vocal about his excitement at discovering the issue in the chat messenger. That excitement turned to fear in no time as he learned how far-reaching the effects of Redirect to SMB were. As a result, the team disclosed the information to Carnegie Mellon University’s CERT, which then began work on patching the vulnerable apps. Wallace is hopeful that the security community will come together to sort this out soon.

Following in the footsteps of Wallace, here’s the full disclosure of all 31 affected apps: Apple QuickTime, Adobe Reader, Internet Explorer, Apple Software Update, Excel 2010, Windows Media Player, AVG Free, Norton Security Scan, Comodo Antivirus, BitDefender Free, Maltego CE, .NET Reflector, TeamViewer, Box Sync, PyCharm, GitHub, JDK 8u31’s installer, PhpStorm and IntelliJ IDEA.

  • It reminds me of an article (approx. 5 to 6 years ago) which mentioned “that’s why hackers raise a middle finger at Windows security”.

  • Quoting someone:
    “Please take a few moments to read what is necessary to exploit this. SMB ports have been blocked by ISPs since the 90s; this was after people figured out that they could see the C: drive of everyone else on the network.
    Other methods are a man-in-the-middle attack. If a man-in-the-middle attack is happening on your home network, that is a bigger problem.
    The most likely attack is using a compromised network. So, if you stay off free public networks, or use appropriate safety measures, like a VPN, you should be fine.”
