Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: dayglored

Nothing but click-bait.

If this was a true problem, it would have been fixed.


7 posted on 04/20/2015 5:46:24 PM PDT by Erik Latranyi (Hillary is the most qualified candidate to finish the destruction of this nation.)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: Erik Latranyi
> Nothing but click-bait. If this was a true problem, it would have been fixed.

The last I heard, Microsoft acknowledged it and promised a fix. I haven't seen it appear yet.

Are you saying that until they provide a fix, it is by definition a false problem, and only becomes a true problem afer it's been fixed?

Only half-joking... :)

It's a true vulnerability. How big an issue is it? SMB is done mostly within the confines of a local network where attacks are mitigated by firewalls and such. So yeah, this is small compared to the SSL vulnerabilities, for example, because they are attackable over the internet.

11 posted on 04/20/2015 5:55:29 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is...sounding pretty good about now.)
[ Post Reply | Private Reply | To 7 | View Replies ]
To: Erik Latranyi

It is a real problem as it can be used to push a user’s security hash to the attacker. That then allows an offline attack against the hash which can reveal the password.


15 posted on 04/20/2015 6:30:01 PM PDT by taxcontrol
[ Post Reply | Private Reply | To 7 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson