WTF ... IS WTF!?
We are a collective of people who believe in freedom of speech, the rights of individuals, and free pancakes! We share our lives, struggles, frustrations, successes, joys, and prescribe to our own special brand of humor and insanity. If you are looking for a great place to hang out, make new friends, find new nemeses, and just be yourself, WTF.com is your new home.

Microsoft Account Credentials Leak vulnerability

Jason

Voorhees a jolly good fellow!
Founder
6,889
5,154
537
What would you say if I told you that an almost two decade old vulnerability in Windows may leak your Microsoft Account credentials when you visit a website, read an email, or use VPN over IPSec?

A bug, that goes all the way back to Windows 95 is causing major issues on Windows 8 and Windows 10.

Basically, what happens is the following: Microsoft Edge, Internet Explorer, Outlook and other Microsoft products allow connections to local network shares. What the default settings don't prevent on top of that is connections to remote shares.

An attacker could exploit this by creating a website or email with an embedded image or other content that is been loaded from a network share.

Microsoft products like Edge, Outlook or Internet Explorer try to load the network share resource, and send the active user's Windows login credentials, username and password to that network share.

The username is submitted in plaintext, the password as a NTLMv2 hash.

Microsoft Account Credentials Leak vulnerability

There are two main issues that arise from that. First, the account data is exposed to third parties which may try cracking the hash to recover the user password.

Second, since account information leak, it may very well be a privacy issue especially if Tor or VPN services are used to improve privacy while on the Internet.

The reason why the attack is more promising under Windows 8 and newer is that Microsoft accounts are the default sign in option on those systems. This means that Microsoft account credentials are leaked to the network share, and not a local username and password.

For additional information, and methods of testing, please visit the following source:

http://www.ghacks.net/2016/08/02/microsoft-account-credentials-leak-vulnerability/
 

RebelBuddha

Rey de Currumpaw
10,780
5,440
487
Why the hell would anyone not immediately find an alternative to the programs listed as soon as you purchase a computer?

First thing I do is turn anything windows off. Then any preloaded virus protection crap or auto update garbage.

These things are always major vulnerabilities.