Jump to content
Login new information ×
Login new information

First Vulnerability Found in Microsoft Edge, Affects Other Software as Well

Batu69

By Batu69
in Security & Privacy News

Recommended Posts

Batu69

Batu69

Posted
Posted
Internet Explorer, Windows Media Player, Excel, QuickTime, AVG, BitDefender, and Comodo Antivirus also vulnerable

At the Black Hat USA 2015 conference in Las Vegas, a team of security experts led by Jonathan Brossard have presented a vulnerability in the Microsoft Server Message Block (SMB) protocol used for sharing files in local networks.

The vulnerability affects all version of Windows, including the newer Windows 10, and can be exploited via the Internet, something researchers thought as impossible.

SMB is a 21-years-old protocol created by IBM, which allows files and printers to share files inside a network. Since its creation, it has evolved and reached version 3.0, which now ships with most Windows OS instances.

The protocol is used most of the times in enterprise networks, working together with the NTLMv2 authentication algorithm, which allows users to quickly authenticate themselves on Windows servers.

A faulty DLL is at the core of the problem

The vulnerability discovered by Mr. Brossard's team allows hackers to extract user credentials from a closed Windows domain using an attack technique called SMB relay (a basic man-in-the-middle for SMB data).

While this technique usually worked only in LANs, because most enterprise networks have now expanded to include cloud infrastructures, an SMB relay can now be performed for Internet-facing connections as well.

The credentials leak happens when a user is trying to read an email, access a Web page using their browser or do anything that implies opening a URL.

This opens a specific DLL file put into place to protect against SMB relay attacks, but its content and subsequent settings are ignored, as the security experts have found out.

This allows an attacker to perform an SMB relay attack, get the user's credentials, break the password hash, and then use them to steal information from the network by passing as a regular user.

This is the first vulnerability ever reported to affect the Edge browser

As Mr. Brossard notes, all IE versions are vulnerable, including Microsoft's latest Edge browser, making this "the first attack against Windows 10 and its web browser Spartan."

Additionally, other vulnerable applications include Windows Media Player, Adobe Reader, Apple QuickTime, Excel 2010, Symantec's Norton Security Scan, AVG Free, BitDefender Free, Comodo Antivirus, IntelliJ IDEA, Box Sync, GitHub for Windows, TeamViewer, and many other more.

The research paper was written before the Windows 10 launch, and obviously before Spartan was renamed to Edge.

The research also includes different mitigation techniques, but according to Mr. Brossard, the most efficient one would be to setup custom PC-level Windows Firewall settings, preventing SMB data from leaking online via specific ports, where an SMB relay can be carried out.

"Since virtually any Windows machine part of a corporate network uses IE as a default web browser and is typically part of an Active Directory network, the magnitude of this vulnerability is unprecedented," says Mr. Brossard.

Source

Link to comment
Share on other sites
  • Replies 6
  • Views 1.3k
  • Created
  • Last Reply
steven36

steven36

Posted
Posted

Edge follows the vulnerability path of Internet Explorer... ;)

Show me a browser that has no vulnerabilities?

R8HpiN1.png

This data for 2015 Chrome had almost 2 times as many as IE Firefox has less than them but has more unpatched users than IE or chrome witch is just as dangerous. This is because people dont know that if you're going keep running old Firefox you should only use ESR and and not old release . When version 39 came out some were still using version 38 it was in the marketshare report . ;) Chrome really dont have and ESR and still 24% uses a non patched version . IE patches on windows updates only 13% are not patching .

http://secunia.com/resources/vulnerability-review/browser-security/

You may as well log off the internet if vulnerabilities scare you. :P

Link to comment
Share on other sites
212eta

212eta

Posted
Posted

Edge follows the vulnerability path of Internet Explorer... wink.png

Show me a browser that has no vulnerabilities

There are browsers which are heavily targeted and therefore, are full of vulnerabilities... ;)

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...