CommanderFrank
Cat Can't Scratch It
- Joined
- May 9, 2000
- Messages
- 75,400
Another legacy vulnerability dating from 1997 that affects all versions of Windows has been identified. The vulnerability is called Redirect to SMB. You can wait around for Microsoft to roll out a fix, which they are presently working on, or you can apply the enclosed workaround until the official patch is released.
In 1997, Spangler found that introducing URLS beginning “file” would cause Windows to attempt authentication with an SMB server at the given IP address (for example, file://1.1.1.1), which could then be used to record login credentials.