Microsoft patched the attack vector in this month's Patch Tuesday via the ADV170014 security advisory. The hack was discovered by Columbian security researcher Juan Diego, who reported the issue to Microsoft in April. Patches available only to Windows 10 and Server 2016 Nonetheless, users in enterprise environments, schools, and other public networks often share folders without a password due to convenience, leaving many systems open for attacks. Since this is the default option in Windows, most users aren't vulnerable to this attack. Not all computers with shared folders are vulnerableĬomputers with shared folders protected by a password are safe. Such a hack would allow an attacker that has a direct connection to a victim's network to escalate access to nearby systems. Using publicly available software, an attacker could crack the NTLM password hash and later gain access to the user's computer. Once the file has been placed inside the folder, it executes due to a mysterious bug, collects the target's NTLM password hash, and sends it to an attacker-configured server. All the attacker needs to do is to place a malicious SCF file inside publicly accessible Windows folders. The hack is easy to carry out and doesn't involve advanced technical skills to pull off. Microsoft has patched only recent versions Windows against a dangerous hack that could allow attackers to steal Windows NTLM password hashes without any user interaction.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |