Many software products use HTTP requests for various features such as software update checking.

These credentials can then be logged by the malicious server.

The credentials are encrypted, but may be brute-forced to break the encryption, the CERT advisory says.

New Redirect to SMB Flaw in all Windows versions including Windows 10 allows hackers to steal login credentials

Examples

The Cylance researchers have given following examples show different attacks that could be conducted.

to make it effectively demonstrate attack scenarios, the conditions have been simplified.

A critical Server Message Block (SMB) #VU672268 in all Windows version including Windows 10 allows potential hackers to steal sensitive login credentials

spot_img

source: www.techworm.net