tahanteada
Lõuapoolik
joined: 04.04.2003

Post 14.04.2015 18:01:02, subject: Security problem that threatens all Windows operating systems / and Microsoft's own position on the matter:

A security problem that the HVF authors have "slept through" and that threatens all Windows operating systems.
And then also Microsoft's own position on the matter:
Read and decide for yourselves; I recommend setting aside enough time, as there is quite a lot of reading material.

1. The problem itself:
Windows Security Flaw Allows Hackers to Steal Your Usernames and Passwords

All Windows versions appear to be affected by this flaw
A security flaw uncovered by Cylance allows hackers to steal usernames and passwords from computers running any Windows version currently on the market, including the Windows 10 Technical Preview that’s technically not available for consumers right now.

In a blog post detailing the issue, Cylance writes that not only Microsoft’s applications are affected but also software developed by 30 other companies, including Symantec, Adobe, and Apple.

The exploit is possible with the help of a malicious link that the attacker is sending to the victim. Once the link is loaded on a vulnerable computer, authentication is performed without any prompt, so cybercriminals get users’ login credentials without any warning.

The security firm calls this method “redirect to SMB” and describes it as a way “for attackers to steal valuable user credentials by hijacking communications with legitimate web servers via man-in-the-middle attacks, then sending them to malicious SMB (server message block) servers that force them to spit out the victim’s username, domain and hashed password.”

Several Microsoft apps affected

Right now, the vulnerability list includes several Microsoft applications, among which Internet Explorer and Windows Media Player. Applications developed by other companies, including antivirus software and media players, are also said to be affected.

Redmond has already confirmed the flaw, but the company is yet to provide a fix that would keep users secure. It has, however, mentioned that computers running Extended Protection for Authentication are fully protected.

As a general word of advice for end users, it’s better to avoid clicking suspicious links coming from unknown sources, at least until Microsoft patches the flaw. Running up-to-date antivirus software could also help, but just like Microsoft says, this flaw cannot be exploited without the user knowingly clicking a link, so if you keep yourself on the safe side, there’s no chance to get exploited.

Windows XP users, beware! Microsoft won’t release a patch for this particular operating system, so if you’re still running it, your PC has just become vulnerable forever.

Update: Microsoft has provided a statement to confirm the flaw, but also to downplay its severity, saying that users are solely responsible for their online protection against this issue.

http://news.softpedia.com/news/Windows-Security-Flaw-Allows-Hackers-to-Steal-Your-Usernames-and-Passwords-478303.shtml
---------------------
2. Microsoft's position, then:
Microsoft Confirms Windows Flaw, Says Users Are Responsible for Their Security

“We do not agree with original claims,” the company says
Today security company Cylance has revealed a security flaw affecting all Windows versions, confirming that pretty much every single edition of the desktop operating system is affected by a vulnerability that could expose usernames and passwords on a PC.

In a statement provided by Microsoft and attributed to a company spokesperson, Redmond confirms the flaw but says that it's not necessarily a new kind of attack, but mostly an old technique that involves users and lures them into clicking malicious links.

Indeed, Cylance said in its original report that users would have to click a malicious link sent by the attacker in order to have their computers exploited, but it explained that usernames and passwords would be stolen after authentication is performed in the background without any other prompt displayed to users.

Microsoft, on the other hand, says that users are at the core of this exploit and explains that, without their input, no such vulnerability would be possible. The software giant, however, hasn't provided any information on a possible patch to address the flaw, but this is expected to be launched next month as part of the Patch Tuesday rollout.

“We don't agree with Cylance's claims of a new attack type. Cybercriminals continue to be engaged in a number of nefarious tactics. However, several factors would need to come together for this type of cyberattack to work, such as success in luring a person to enter information into a fake website. We encourage people to avoid opening links in emails from senders that they don't recognize or visiting unsecure sites,” a company spokesperson said.

How to block exploits

While there are some other more advanced techniques to block the flaw, Microsoft provides some basic recommendations to those who'd like to make sure that no exploit is possible until a patch arrives.

As we told you earlier today, it's recommended to avoid clicking on suspicious links coming from unknown sources, and Microsoft says that this is pretty much the most effective way to avoid getting hacked. Even with up-to-date antivirus software, visiting malicious links could still get you exploited, so just don't click on anything that seems suspicious.

This month's Patch Tuesday updates will ship later today, but a fix for this issue is unlikely to be provided, so expect one in May.

http://news.softpedia.com/news/Microsoft-Confirms-Windows-Flaw-Says-Users-Are-Responsible-for-Their-Security-478349.shtml
---------------------------
3. And the original source's story as well:

SPEAR - Redirect to SMB

http://blog.cylance.com/redirect-to-smb
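
A defender-side check for the "redirect to SMB" behaviour described in the articles quoted above, added here as an example that is not part of the forum post or of the cited articles. It assumes the redirect shows up in web proxy logs as an HTTP 3xx response whose Location value names a `file://` or UNC target on a remote host; the log format, host names and addresses are constructed for the example.

```python
import re
from urllib.parse import urlsplit

REDIRECT_CODES = {"301", "302", "303", "307", "308"}
UNC_RE = re.compile(r"^\\\\([^\\/]+)[\\/]")        # \\host\share\...
FILE_PATH_HOST_RE = re.compile(r"^/{2,}([^/]+)/")  # file:////host/share/...

# Constructed sample proxy log (assumed format, not from the page):
# timestamp client method url status location
SAMPLE_LOG = r"""
2015-04-14T18:01:02Z 10.1.2.3 GET http://updates.example.test/check 302 file://203.0.113.7/img/a.jpg
2015-04-14T18:01:05Z 10.1.2.4 GET http://www.example.test/old 301 http://www.example.test/new
2015-04-14T18:01:09Z 10.1.2.5 GET http://cdn.example.test/logo.png 302 \\203.0.113.9\share\logo.png
2015-04-14T18:01:11Z 10.1.2.6 GET http://intranet.example.test/doc 302 file:///C:/docs/readme.txt
2015-04-14T18:01:15Z 10.1.2.7 GET http://www.example.test/ 200 -
2015-04-14T18:01:20Z 10.1.2.8 GET http://ads.example.test/x 307 FILE:////198.51.100.2/s/x.gif
""".strip().splitlines()


def smb_host(location):
    """Return the remote host a Location value points to over SMB, else None."""
    loc = location.strip()
    m = UNC_RE.match(loc)
    if m:
        return m.group(1)
    parts = urlsplit(loc)              # scheme is lower-cased by urlsplit
    if parts.scheme != "file":
        return None
    host = parts.netloc                # file://host/share/...
    if not host:                       # file:////host/share/... or a local path
        m = FILE_PATH_HOST_RE.match(parts.path)
        host = m.group(1) if m else ""
    return host if host and host.lower() != "localhost" else None


def find_smb_redirects(lines):
    """Return (client, requested_url, smb_host) for each redirect to a remote file target."""
    hits = []
    for line in lines:
        fields = line.split(None, 5)
        if len(fields) != 6:
            continue                   # skip malformed lines
        _ts, client, _method, url, status, location = fields
        if status not in REDIRECT_CODES:
            continue
        host = smb_host(location)
        if host:
            hits.append((client, url, host))
    return hits
```

Each hit names the client that received the redirect and the host it was pointed at, which is where to start checking for outbound SMB authentication attempts.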