Free Republic

Every Version of Windows Is Affected By This Vulnerability – What You Can Do About It
MakeUseOf | April 16, 2015 | Christian Cawley

Posted on 04/20/2015 5:35:14 PM PDT by dayglored

IMPORTANT -- This thread is a followup to http://www.freerepublic.com/focus/f-chat/3278876/posts - New Redirect to SMB Flaw in all Windows versions including Windows 10. It contains a list of the specific software packages affected, and there are a LOT of them.

What would you say if we told you that your version of Windows is affected by a vulnerability that dates back to 1997? You’d laugh, right? Surely, after all, Microsoft would have patched the fault prior to releasing Windows 98, or at the latest, Windows 2000?

Well, not quite.

This Redirect to SMB vulnerability has its roots in the identically-named attack discovered by Aaron Spangler 18 years ago. And it’s a problem that you need to do something about, because it doesn’t only affect Windows, but also programs from Adobe, Apple, Symantec and even the Windows 10 preview...

(Excerpt) Read more at makeuseof.com ...


TOPICS: Business/Economy; Computers/Internet; Hobbies
KEYWORDS: microsoft; samba; smb; windows; windowspinglist
Thanks to FReeper ShadowAce for alerting me to this for the Windows Ping list.

The important thing here is the list of software packages affected by this vulnerability. You'll be amazed, and you should be concerned.

Microsoft:
    Internet Explorer 11
    Windows Media Player
    Excel 2010
    Microsoft Baseline Security Analyzer
Apple:
    QuickTime
    Apple iTunes Software Update
Frustratingly for a vulnerability of this kind, security software is also affected.
    Symantec Norton Security Scan
    AVG Free
    BitDefender Free
    Comodo Antivirus
Productivity apps that are known to be vulnerable to Redirect to SMB:
    Adobe Reader
    Box Sync (the Box.net cloud client app)
    TeamViewer
These utilities and installers are also affected:
    .NET Reflector
    Maltego CE
    GitHub for Windows
    PyCharm
    IntelliJ IDEA
    PHP Storm
    Oracle JDK 8u31’s installer

1 posted on 04/20/2015 5:35:14 PM PDT by dayglored
[ Post Reply | Private Reply | View Replies]

To: dayglored; Abby4116; afraidfortherepublic; aft_lizard; AF_Blue; Alas Babylon!; amigatec; ...
Followup on the SMB vulnerability, with specific software to look out for ... PING!

You can find all the Windows Ping list threads with FR search: search on keyword "windowspinglist".

2 posted on 04/20/2015 5:36:10 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is...sounding pretty good about now.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dayglored

Just thought I would ask:

Linux?


3 posted on 04/20/2015 5:36:42 PM PDT by Cringing Negativism Network (http://www.census.gov/foreign-tradebalance/c5700.html)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Cringing Negativism Network
> Just thought I would ask: Linux?

Yeah, I think the original article this follows up on said if you're using the Samba SMB package you have it. I'll check and report back...

4 posted on 04/20/2015 5:39:50 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is...sounding pretty good about now.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: dayglored

.Net Reflection and PyCharm? Wow, is it debugger related? That's an odd pair.


5 posted on 04/20/2015 5:41:54 PM PDT by ImJustAnotherOkie
[ Post Reply | Private Reply | To 1 | View Replies]

To: dayglored

The question we all need to be asking is, “how do we kill the machines?”


6 posted on 04/20/2015 5:43:14 PM PDT by 9thLife ("Life is a military endeavor..." -- Pope Francis)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dayglored

Nothing but click-bait.

If this was a true problem, it would have been fixed.


7 posted on 04/20/2015 5:46:24 PM PDT by Erik Latranyi (Hillary is the most qualified candidate to finish the destruction of this nation.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dayglored
Here's an SMBC redirect...
8 posted on 04/20/2015 5:49:38 PM PDT by null and void (He who kills a tyrant (i.e. an usurper) to free his country is praised and rewarded ~ Thomas Aquinas)
[ Post Reply | Private Reply | To 1 | View Replies]

To: null and void

Difficult to access the true reason behind this post. One thing is certain, null became a void to the delight of null and void.


9 posted on 04/20/2015 5:54:27 PM PDT by Fungi (So you think you know anything about evolution? Think again.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: Fungi

Did you click on the link?


10 posted on 04/20/2015 5:54:58 PM PDT by null and void (He who kills a tyrant (i.e. an usurper) to free his country is praised and rewarded ~ Thomas Aquinas)
[ Post Reply | Private Reply | To 9 | View Replies]

To: Erik Latranyi
> Nothing but click-bait. If this was a true problem, it would have been fixed.

The last I heard, Microsoft acknowledged it and promised a fix. I haven't seen it appear yet.

Are you saying that until they provide a fix, it is by definition a false problem, and only becomes a true problem after it's been fixed?

Only half-joking... :)

It's a true vulnerability. How big an issue is it? SMB is done mostly within the confines of a local network where attacks are mitigated by firewalls and such. So yeah, this is small compared to the SSL vulnerabilities, for example, because they are attackable over the internet.

11 posted on 04/20/2015 5:55:29 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is...sounding pretty good about now.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: null and void

LOL! :)


12 posted on 04/20/2015 5:57:18 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is...sounding pretty good about now.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: null and void
Yes, well done. I meant the original post, not yours, sorry. A null came before the void, and never the twain shall meet.
13 posted on 04/20/2015 5:59:30 PM PDT by Fungi (So you think you know anything about evolution? Think again.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: Fungi
> Difficult to access the true reason behind this post... I meant the original post,...

This followup article had a nice list of software packages affected by the flaw. Having a list of specifics makes it easier to grasp a) that there really is a problem, and b) whether or not it affects the individual.

It also happened to use a graphic at the head of the article that is a conceptual offspring of the Windows Ping List logo I developed a few weeks ago here. I speculate that the artist lurks on FreeRepublic and decided to steal mine... LOL

14 posted on 04/20/2015 6:10:09 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is...sounding pretty good about now.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: Erik Latranyi

It is a real problem as it can be used to push a user’s security hash to the attacker. That then allows an offline attack against the hash which can reveal the password.


15 posted on 04/20/2015 6:30:01 PM PDT by taxcontrol
[ Post Reply | Private Reply | To 7 | View Replies]

To: dayglored

ping for later


16 posted on 04/20/2015 6:30:09 PM PDT by stylin19a (obama = Eddie Mush)
[ Post Reply | Private Reply | To 1 | View Replies]

To: dayglored
So the article suggests closing ports 139 and 445 to outbound SMB traffic. Here is the paragraph:

As reported by cybersecurity experts Cylance, the best fix is to block traffic sent outbound from your computer through your software firewall or through your router, on TCP 139 and TCP 445. This will block SMB communication between your network and the Internet, and if the change is made on the network firewall, you will still be able to use SMB between devices on your local network. Our guide to the Windows Firewall explains how to create these rules in just a few seconds; for your router, you’ll need to check the device documentation.

Can you please distill into instructions suitable for sales reps like me (if you can even dumb it down that far)?

17 posted on 04/20/2015 6:52:57 PM PDT by texas booster (Join FreeRepublic's Folding@Home team (Team # 36120) Cure Alzheimer's!)
[ Post Reply | Private Reply | To 11 | View Replies]
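
A way to check whether the outbound block quoted in post 17 is in effect, as an added example that is not part of the thread or the MakeUseOf article: it scans a firewall log for TCP 139/445 connections sent to non-local addresses. The log layout (a `#Fields:` header with `action`, `dst-ip`, `dst-port` and `path` columns, as Windows Firewall logging writes), the `LOCAL_NETS` ranges, the function names and the sample lines are assumptions made for illustration.

```python
import ipaddress

# Destinations treated as local (assumption: RFC 1918, loopback, link-local).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "fc00::/7", "fe80::/10", "::1/128")]
SMB_PORTS = {"139", "445"}  # the two TCP ports named in the quoted advice

# Constructed sample (not real traffic), laid out like a Windows Firewall log.
SAMPLE_LOG = """\
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path
2015-04-20 18:01:02 ALLOW TCP 192.168.1.10 192.168.1.20 49152 445 0 - 0 0 0 - - - SEND
2015-04-20 18:01:07 ALLOW TCP 192.168.1.10 203.0.113.5 49153 445 0 - 0 0 0 - - - SEND
2015-04-20 18:01:09 DROP TCP 192.168.1.10 198.51.100.7 49154 139 0 - 0 0 0 - - - SEND
2015-04-20 18:01:11 ALLOW TCP 192.168.1.10 203.0.113.5 49155 443 0 - 0 0 0 - - - SEND
2015-04-20 18:01:12 ALLOW TCP 203.0.113.9 192.168.1.10 50000 445 0 - 0 0 0 - - - RECEIVE
"""

def is_local(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip.version == n.version and ip in n for n in LOCAL_NETS)

def find_outbound_smb(log_text):
    """Return (action, src, dst, port) for outbound TCP 139/445 to non-local hosts."""
    fields, hits = [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names come from the log header
        if not line.strip() or line.startswith("#") or not fields:
            continue
        rec = dict(zip(fields, line.split()))
        if rec.get("protocol") != "TCP" or rec.get("path") != "SEND":
            continue  # only traffic this host sent
        if rec.get("dst-port") not in SMB_PORTS:
            continue
        try:
            local = is_local(rec.get("dst-ip", ""))
        except ValueError:
            continue  # malformed or truncated record
        if not local:
            hits.append((rec.get("action"), rec.get("src-ip"), rec["dst-ip"], rec["dst-port"]))
    return hits

if __name__ == "__main__":
    for action, src, dst, port in find_outbound_smb(SAMPLE_LOG):
        verdict = "LEAK, no block rule" if action == "ALLOW" else "blocked"
        print(f"{verdict}: {src} -> {dst}:{port}")
```
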

To: dayglored

What can you do?

Use LINUX. I’m using Mint Cinnamon 17.1 right now and it is the sweetest OS I have ever used. Does circles around windoze while only using half the hardware.


18 posted on 04/20/2015 7:05:59 PM PDT by bicyclerepair (Ft. Lauderdale FL (zombie land). TERM LIMITS ... TERM LIMITS)
[ Post Reply | Private Reply | To 1 | View Replies]

To: bicyclerepair

Let’s talk apples and oranges.

My Win7 pc has a dual 64bit proc and 4gb of RAM.
My Linux Mint (Cinnamon Rebecca) has a single 64bit proc and 4gb of RAM, and it does circles around the windoze machine.

And never any maintenance required, i.e. defrag, c cleaner, malware etc. Linux Mint “Rebecca (17.1)” is THE sweetest OS I have ever used.


19 posted on 04/20/2015 7:09:19 PM PDT by bicyclerepair (Ft. Lauderdale FL (zombie land). TERM LIMITS ... TERM LIMITS)
[ Post Reply | Private Reply | To 18 | View Replies]

To: bicyclerepair

I agree, that is exactly what I am running on a dual core. I have a Win 7 partition that chokes this machine to a CRAWL.


20 posted on 04/20/2015 7:22:52 PM PDT by RW_Whacko
[ Post Reply | Private Reply | To 19 | View Replies]

