He adds, The attack can even succeed when there are firewall and NAT devices in between.
Firewalls wont stop the attack, because UDP is a connectionless protocol.
We are using it to establish a tunnel.
That is why it be named BadTunnel, Yu explains.
All thats needed is for some simple social engineering.
Yu said that he had informed Microsoft, who has patched the exploit.
However, PCs running on non supported versions of Windows like Windows XP, Windows Server 2003, etc.
continue to remain vulnerable.
Microsoft has stated that the issue has been patched inMS16-077and PCs with patched NetBios correctly handle proxy discovery.
Yu is scheduled to present more details on this bug at this years Black Hat USA security conference.
The name of his presentation is BadTunnel: How Do I Get Big Brother Power?
source: www.techworm.net
