Stories
Slash Boxes
Comments

SoylentNews is people

Windows Vulnerability Puts NTLM Password Hashes at Risk

posted by n1 on Wednesday November 08 2017, @06:38AM   Printer-friendly
from the password1 dept.

MrPlow writes:

Submitted via IRC for soycow1984

Microsoft has patched only recent versions Windows against a dangerous hack that could allow attackers to steal Windows NTLM password hashes without any user interaction.

The hack is easy to carry out and doesn't involve advanced technical skills to pull off. All the attacker needs to do is to place a malicious SCF file inside publicly accessible Windows folders.

Once the file has been placed inside the folder, it executes due to a mysterious bug, collects the target's NTLM password hash, and sends it to an attacker-configured server. Using publicly available software, an attacker could crack the NTLM password hash and later gain access to the user's computer.

Such a hack would allow an attacker that has a direct connection to a victim's network to escalate access to nearby systems.

Source: Bleeping Computer

Original Submission

 
This discussion has been archived. No new comments can be posted.
Windows Vulnerability Puts NTLM Password Hashes at Risk | Log In/Create an Account | Top | 14 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by ngarrang on Thursday November 09 2017, @01:08PM

    by ngarrang (896) on Thursday November 09 2017, @01:08PM (#594576) Journal

    Will changing SCF files to be associated as a text file instead of a command file break Windows badly? In theory, this would stop the file from being executed. But are there large parts of Windows depending on this functionality to be productive?

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2