Cyclane, a cyber security company has announced that its SPEAR team has discovered a vulnerability that impacts all versions of Windows including the latest version of Windows 10 Technical Preview. The vulnerability which is discovered by the SPEAR team of Cyclane steals the sensitive information like login credentials which are residing in the computer without the user’s knowledge.
Windows vulnerability steals login credentials
A research was conducted by one of the SPEAR team members, Brian Wallace. The SPEAR team has spotted 31 software packages that could be abused and compromised to leak the login credentials using the vulnerability which they have internally named as “Redirect to SMB” where SMB indicates server message block. The vulnerable applications include popular applications like Adobe Reader, Apple QuickTime and Apple Software update for iTunes, Symantec’s Norton Security Scan, Box’s Sync client and Microsoft’s very own Internet Explorer 11, Explorer 2010 and Windows Media Player.
“Redirect to SMB” vulnerability is an extension of one which is discovered by Aaron Spangler in the year 1997. The vulnerability discovered works by tricking the applications into allowing the Windows OS to authenticate with the help of hacker-controlled server, there by, enabling an attacker to sniff the victim’s login credentials, including encrypted passwords.
The Cyber security company, Cylance has worked along with CERT at Carnegie Mellon University to coordinate the disclosure of found vulnerability.
Full details on SPEAR vulnerability can be found in Cyclane’s blog where the company demonstrates about the original attack which was carried out, its impact and various affected applications.