18-Year-Old Security Flaw Allows Hackers To Steal Credentials From All Versions Of Windows

[jos]

In 1997, researcher Aaron Spangler discovered a bug in Internet Explorer that allowed an attacker to steal credentials using a protocol known as Windows Server Message Block (SMB). Eighteen years later, a researcher on the Cylance SPEAR research team testing a messaging app with that bug in mind discovered a much larger vulnerability that affects at least 31 applications including Adobe Reader, iTunes, Box , and Symantec  Norton Security Scan on all versions of Windows.

 

This new vulnerability, called “Redirect to SMB,” allows user login credentials to be leaked from a variety of Windows applications by tricking the apps into authenticating with a rogue server.

 

 

 

I wish windows 10 does not come with internet explorer as there will be both ie and edge in win 10

 

Source: http://www.forbes.com/sites/katevinton/2015/04/13/18-year-old-security-flaw-allows-hackers-to-steal-credentials-from-all-versions-of-windows/

[Guest]

You just creep me out man.

[Nohemi]

wow 

[Glenwing]

http://linustechtips.com/main/topic/347847-a-really-dumb-18-year-old-exploit-in-windows-was-never-patched/