Security researchers have unearthed a serious security flaw in all supported versions of Windows that could let hackers steal users’ credentials from computers, tablets or servers running any version of Windows operating system, including the as-yet-released Windows 10.

This vulnerability in Windows was first discovered 20 Years ago:

The critical bug, dubbed "Redirect to SMB," is a variant of a vulnerability found in Windows by researcher Aaron Spangler nearly 18 years ago that caused

Windows to expose a user's Windows username and password automatically.

However, according to researchers at security firm Cylance who discovered the flaw, this weakness in Windows was never patched by Microsoft, as Microsoft says that this flaw is not worth focusing on, and, therefore...

...This results in a new hack that targets the SMB file sharing protocol.

But, What is SMB?

SMB, or Server Message Block, is a protocol that allows users to share files over a network. In Windows operating systems, SMB is often used by companies and organizations to share files from one server across their entire network.

Now, how this SMB protocol is exploited by hackers?

While requesting a file from the server, Windows will automatically attempt to authenticate to the SMB server by providing the system users’ credentials to the server.


What does Microsoft say about the issue?

Microsoft officials downplayed the Cylance "discovery" and the seriousness of the flaw on Monday, saying that the issue was not new at all, and the
chances of falling victim to this attack are little.

"We do not agree with Cylance's claims of a new attack type. Cybercriminals continue to be engaged in a number of nefarious tactics," a Microsoft spokesperson released a statement on Monday.

"However, several factors would need to come together for this type of cyber attack to work, such as success in luring a person to enter information into a fake website. We encourage people to avoid opening links in emails from senders that they do not recognize or visiting unsecure sites."


Who are affected?

Cyclance claims that nearly 31 programs are vulnerable to the SMB flaw, which includes:

Many widely used applications: Adobe Reader, Apple QuickTime and Apple Software Update that handles iTunes updates

Microsoft Applications: Internet Explorer, Windows Media Player, Excel 2010, and even Microsoft Baseline Security Analyzer

Developer Tools: Github for Windows, PyCharm, IntelliJ IDEA, PHP Storm and JDK 8u31’s installer

Security Tools: .NET Reflector and Maltego CE

Antivirus Software: Symantec’s Norton Security Scan, AVG Free, BitDefender Free and Comodo Antivirus

Team Tools: Box Sync and TeamViewer


How do you protect yourself against this flaw?

The simplest way to protect against this issue is to block outbound traffic from TCP 139 and TCP 445.

This could be prevented using a network gateway firewall to prevent only SMB communications to destinations outside of your network.

Apply applicable and up-to-date software patches from vendors.

Use strong passwords so that it requires a larger time for brute forcing of any hashing algorithms.