Security firm Cylance, recently revealed a security flaw on Windows which could lead to login theft. Surprisingly enough, the security flaw affects every version of Windows, including Windows 10 Technical Preview. Cylance states that the vulnerability, ‘Redirect to SMB’ would allow attackers to get hijack sensitive information from users by getting them to click on a link. Cylance stated that the flaw could also be exploited by using a man-in-the-middle attack by any Windows program.
Microsoft recently told Reuters:
“Several factors would need to converge for a ‘man-in-the-middle’ cyberattack to occur. Our guidance was updated in a Security Research and Defense blog in 2009, to help address potential threats of this nature. There are also features in Windows, such as Extended Protection for Authentication, which enhances existing defenses for handling network connection credentials.”
Microsoft hasn’t yet announced if the company will fix this flaw with a Windows update. However, we’ll make sure to keep you updated with the latest on this topic.
What do you think of this new security flaw? Discuss in the comment section below!