Cylance SPEAR Team Discovers Vulnerability Impacting All Versions of Windows, Including Windows 10 Preview
Loophole Allows Attacker to Gain Access to Login Credentials; Popular Apps From Adobe, Apple, Box and Microsoft Also Impacted
(firmenpresse) - IRVINE, CA -- (Marketwired) -- 04/13/15 -- Cylance, the first predictive cyber threat security company that combines the power of math and machine learning to stop malware, revealed on Monday that its SPEAR security research team discovered a vulnerability in all versions of Microsoft's Windows operating systems. The vulnerability can be exploited to steal sensitive login credentials in stealthy attacks.
In research led by SPEAR team member Brian Wallace, Cylance identified 31 software packages that can be abused to leak login credentials using this vulnerability, which is dubbed Redirect to SMB. They include some of the world's most popular applications: Adobe Reader; Apple QuickTime and Apple Software Update for iTunes; Box's Sync client; Symantec's Norton Security Scan; and Microsoft's Internet Explorer 11, Excel 2010 and Windows Media Player.
The vulnerability is an extension of one discovered by Aaron Spangler in 1997, which is still not defended against by default. Redirect to SMB works by tricking applications into allowing the Windows operating systems to authenticate with a hacker-controlled server, enabling an attacker to take a victim's login credentials, including encrypted passwords.
Cylance has worked closely with CERT at Carnegie Mellon University to coordinate disclosure of this vulnerability.
For more information about this vulnerability and to learn about future discoveries, please visit .
Cylance is the first company to apply artificial intelligence, algorithmic science and machine learning to solving the world's most difficult security problems. .
Jim Finkle
Cylance
617-315-8742
Yotam Levy
Highwire Public Relations
415-963-4174 ext. 35
Themen in dieser Pressemitteilung:
Unternehmensinformation / Kurzprofil:
Datum: 13.04.2015 - 14:00 Uhr
Sprache: Deutsch
News-ID 385186
Anzahl Zeichen: 0
contact information:
Town:
IRVINE, CA
Kategorie:
Hardware
Diese Pressemitteilung wurde bisher 195 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"Cylance SPEAR Team Discovers Vulnerability Impacting All Versions of Windows, Including Windows 10 Preview"
steht unter der journalistisch-redaktionellen Verantwortung von
Cylance (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
