SOURCE: Cylance

April 13, 2015 10:00 ET

Cylance SPEAR Team Discovers Vulnerability Impacting All Versions of Windows, Including Windows 10 Preview

Loophole Allows Attacker to Gain Access to Login Credentials; Popular Apps From Adobe, Apple, Box and Microsoft Also Impacted

IRVINE, CA--(Marketwired - Apr 13, 2015) - Cylance, the first predictive cyber threat security company that combines the power of math and machine learning to stop malware, revealed on Monday that its SPEAR security research team discovered a vulnerability in all versions of Microsoft's Windows operating systems. The vulnerability can be exploited to steal sensitive login credentials in stealthy attacks.

In research led by SPEAR team member Brian Wallace, Cylance identified 31 software packages that can be abused to leak login credentials using this vulnerability, which is dubbed Redirect to SMB. They include some of the world's most popular applications: Adobe Reader; Apple QuickTime and Apple Software Update for iTunes; Box's Sync client; Symantec's Norton Security Scan; and Microsoft's Internet Explorer 11, Excel 2010 and Windows Media Player.

The vulnerability is an extension of one discovered by Aaron Spangler in 1997, which is still not defended against by default. Redirect to SMB works by tricking applications into allowing the Windows operating systems to authenticate with a hacker-controlled server, enabling an attacker to take a victim's login credentials, including encrypted passwords.

Cylance has worked closely with CERT at Carnegie Mellon University to coordinate disclosure of this vulnerability.

For more information about this vulnerability and to learn about future discoveries, please visit http://blog.cylance.com/.

About Cylance, Inc.
Cylance is the first company to apply artificial intelligence, algorithmic science and machine learning to solving the world's most difficult security problems. www.cylance.com.

Contact Information