Posted on 04/20/2015 5:35:14 PM PDT by dayglored
IMPORTANT -- This thread is a followup to http://www.freerepublic.com/focus/f-chat/3278876/posts - New Redirect to SMB Flaw in all Windows versions including Windows 10. It contains a list of the specific software packages affected, and there are a LOT of them.
What would you say if we told you that your version of Windows is affected by a vulnerability that dates back to 1997? You’d laugh, right? Surely, after all, Microsoft would have patched the fault prior to releasing Windows 98, or at the latest, Windows 2000?
Well, not quite.
This Redirect to SMB vulnerability has its roots in the identically-named attack discovered by Aaron Spangler 18 years ago. And it’s a problem that you need to do something about, because it doesn’t only affect Windows, but also programs from Adobe, Apple, Symantec and even the Windows 10 preview...
(Excerpt) Read more at makeuseof.com ...
The important thing here is the list of software packages affected by this vulnerability. You'll be amazed, and you should be concerned.
Microsoft:
Internet Explorer 11
Windows Media Player
Excel 2010
Microsoft Baseline Security Analyzer
Apple:
QuickTime
Apple iTunes Software Update
Frustratingly for a vulnerability of this kind, security software is also affected.
Symantec Norton Security Scan
AVG Free
BitDefender Free
Comodo Antivirus
Productivity apps that are known to be vulnerable to Redirect to SMB:
Adobe Reader
Box Sync (the Box.net cloud client app)
TeamView
These utilities and installers are also affected:
.NET Reflector
Maltego CE
GitHub for Windows
PyCharm
IntelliJ IDEA
PHP Storm
Oracle JDK 8u31’s installer
Just thought I would ask:
Linux?
Yeah, I think the original article this follows up on said if you're using the Samba SMB package you have it. I'll check and report back...
.Net Reflection and PyCharm? Wow, is it debugger related. Thats an odd,pair
The question we all need to be asking is, “how do we kill the machines?”
Nothing but click-bait.
If this was a true problem, it would have been fixed.
Difficult to access the true reason behind this post. One thing is cetain, null became a void to the delight of null and void.
Did you click on the link?
The last I heard, Microsoft acknowledged it and promised a fix. I haven't seen it appear yet.
Are you saying that until they provide a fix, it is by definition a false problem, and only becomes a true problem afer it's been fixed?
Only half-joking... :)
It's a true vulnerability. How big an issue is it? SMB is done mostly within the confines of a local network where attacks are mitigated by firewalls and such. So yeah, this is small compared to the SSL vulnerabilities, for example, because they are attackable over the internet.
LOL! :)
This followup article had a nice list of software packages affected by the flaw. Having a list of specifics makes it easier to grasp a) that there really is a problem, and b) whether or not it affects the individual.
It also happened to use a graphic at the head of the article that is a conceptual offspring of the Windows Ping List logo I developed a few weeks ago here. I speculate that the artist lurks on FreeRepublic and decided to steal mine... LOL
It is a real problem as it can be used to push a user’s security hash to the attacker. That then allows an offline attack against the hash which can reveal the password.
ping for later
As reported by cybersecurity experts Cylance, the best fix is to block traffic sent outbound from your computer through your software firewall or through your router, on TCP 139 and TCP 445. This will block SMB communication between your network and the Internet, and if the change is made on the network firewall, you will still be able to use SMB between devices on your local network. Our guide to the Windows Firewall explains how to create these rules in just a few seconds; for your router, you’ll need to check the device documentation.
Can you please distill into instructions suitable for sales reps like me (if you can even dumb it down that far)?
What can you do?
Use LINUX. I’m using Mint cinammon 17.1 right now and is the sweetest OS I have ever used. Does circles around windoze while only using half the hardware.
let’s talk apples and oranges.
My Win7 pc has a dual 64bit proc and 4gb of RAM.
My Linux Mint (cinammon rebecca) has a single 64bit proc and 4gb of RAM, and it does circles around the windoze machine.
And never any maintenance required, i.e. defrag, c cleaner, malware etc. Linux Mint “Rebecca (17.1)” is THE sweetest OS I have ever used.
I agree, that is exactly what I am running on a dual core. I have a Win 7 partition that chokes this machine to a CRAWL.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.