Windows is the most familiar desktop operating system. Microsoft has been sparing no effort to fix system vulnerabilities and avoid security problems when users use Windows. However, we also found that there are still some loopholes. "Hidden" for 20 years, they have just been repaired by Microsoft, or still affect users, let us feel that system security is hard to come by.
Automatic Authentication Vulnerabilities
The Microsoft Automated Authentication Vulnerability was discovered in 1997, affecting systems such as Windows 95/NT, but the vulnerability has not been fixed. Now researchers have found that the vulnerability will also affect Windows 8 and Windows 10, causing the user's Microsoft account login information to be compromised.
Accordingly, the vulnerability exposes the NTLMv2 hash of the user's login name and password, and cracking the hashed password under GPU acceleration no longer becomes difficult.
To trigger this vulnerability, an attacker would need to set up a network share and then trick the victim into access, such as embedding an image pointing to a shared IP on a website or email. When a user accesses the link using a Microsoft product, it sends the NTLMv2 hash of the victim's login name and password to the attacker in a silent state.
In 1997, this vulnerability may not have much impact, after all, the attacker can only get the user's local login information. However, starting with WIndows 8, many users log in to the system through Microsoft accounts, so password leakage may affect a series of product services, including Skype, Email, Xbox Live, etc.
Microsoft Edge, Internet Explorer and Outlook Mail Client are affected by this vulnerability. Security personnel recommend that users do not access network shares through Microsoft browsers or mail clients.
BadTunnel Vulnerabilities
BadTunnel is probably the most widely exploited vulnerability in Windows history. The vulnerability was discovered by Tencent Xuanwu Lab and can affect all operating systems from Windows 95 to Windows 10. Fortunately, Microsoft has fixed this vulnerability in June this year.
The BadTunnel vulnerability is a problem with Windows' original design, which enables near-perfect silent operation. When a victim clicks on a network connection or inserts a USB device, the hacker can hijack all of the user's network usage and become the "big brother" of the user's computer.
Researchers say hackers can compromise users' computers through Edge browsers, Internet Explorer, Office, third-party software running on Windows, and even web servers and removable devices such as USB sticks. What's worse is that even if the security software has active defense enabled, it can't be detected.
This vulnerability stems from a vulnerability generated by the WPAD (Web Proxy Auto Discovery) protocol. The attacker needs to spoof the NetBIOS connection so that different devices can communicate over the LAN. We recommend that users ensure that all security patches are installed on the Windows system. For systems that Microsoft does not support, such as Windows XP, the easiest way to avoid this vulnerability is to disable the NetBIOS protocol.
Windows Printer Vulnerabilities
In July of this year, Microsoft fixed another vulnerability that has existed for 20 years. The vulnerability exists in Windows Print Spooler, which allows hackers to secretly install malware on users' computers.
The researchers found that when the print driver was installed remotely, Windows Print Spooler did not properly verify the remotely downloaded printer driver, causing hackers to enter the malicious modification driver.
This vulnerability could be exploited by hackers to disguise printers, printer drivers, or any networked device that pretends to be a printer as a built-in driver kit. As soon as they are connected to them, the device will be infected. In addition, the vulnerability not only causes multiple computers to become infected, but also continues to infect while discovering peripherals on the computer.
The researchers conducted a series of attacks on a range of devices, including unidentified printers and running Windows XP (32-bit), Windows 7 (32-bit), Windows 7 (64-bit), Windows 2008 R2 AD 64 Ubuntu CUPS and Windows 2008 R2 64 print server computers. They found that this vulnerability can be traced back to Windows 95.
Information security has become a problem that users can't ignore, and these "latent" security vulnerabilities continue to remind users that only by keeping the operating system/software up to date, it is possible to better avoid A cybersecurity threat. On the other hand, operating system providers including Microsoft and Apple should also remind users of possible security vulnerabilities and provide solutions to reduce the security attacks that users may face.
cmd run command can help solve a lot of problems, you can view a lot of information on the system lo
win10 preview version 10056 homemade Chinese iso image download address is coming! Today Xiaobian fo
I use Win8 system, I want to use defragmentation now, how can I use defragmentation in Windows8?Ope
This morning, the laptop battery icon suddenly does not show up, Baidu searched all over the Interne
[Video] Win10 mobile version compared with WP8.1 which runs faster?
How does the Win8 system enter the user account interface to manage the account
How to solve Win8.1 can not use IE11 to upload pictures to QQ space problem
How to Unsubscribe Unwanted Calendar under Windows 10 System
Win8 login ICBC online banking appears to be unable to open the web page
XP system configuration IIS service failure prompt error code 500 solution
Win10 th2 official version re-launched installation card in 44% of the problem remains unresolved
How win7 system hides its own WiFi signal win7 system hides its own WiFi signal method
Windows 7 operating system power setting function
Teach you to quickly install win7 in XP system
How to turn off the touch screen function under Windows 8
Really understand the mysterious digital signature
What if the win7 system cannot delete the trust installation protection file?
Win7 clean disk save C disk space skills
Windows 7 7000 experience (28th update, with vista sp1 and windows7 7000 comprehensive comparison)
How to check the activation status of Windows Vista