The interesting part is that Microsoft has not patched this serious vulnerability in any version of Windows, although the vulnerability is 18 years old. Microsoft's latest Windows version, Windows 10, was also found to be vulnerable to this attack. Applications found vulnerable to the technique include Apple iTunes, Adobe Flash, Symantec products, etc.
What is Redirect to SMB
‘Redirect to SMB’ allows attackers to perform man-in-the-middle (MITM) attacks by redirecting users to malicious SMB authentication servers that are capable of exfiltrating the users' credentials. This gives intercepting parties the opportunity to harvest private data in confidential locations, shepherd the victim machine into a larger botnet, and even completely take over the machine.
The attack vector was developed from the 1997 vulnerability exposed by Aaron Spangler, who discovered that URLs which begin with the word ‘file’ (e.g. file://22.214.171.124/) prompt Windows to authenticate via SMB (Server Message Block) to the IP address used in the crafted URL – analogous to asking a thief for a character reference.
Microsoft has not yet released a patch for this vulnerability. The researchers say: “We hope that our research will compel Microsoft to reconsider the vulnerabilities and disable authentication with untrusted SMB servers. That would block the attacks identified by Spangler as well as the new Redirect to SMB attack.”
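A defender-side check for the behaviour described above, as an added example that is not part of the original article: it scans HTTP redirect records for Location values that name a remote host in a file:// URL, which is the form that makes Windows attempt SMB authentication to that host. The log format, sample lines and function names are constructed for illustration, and treating HTTP 3xx Location headers as the redirect mechanism is an assumption the article does not spell out.

```python
from urllib.parse import urlsplit

# Assumption: one record per HTTP response, "client status location"
# (a constructed format, not that of any real proxy product).
REDIRECT_CODES = {"301", "302", "303", "307", "308"}


def smb_target(location):
    """Return the remote host a file:// Location would reach over SMB, else None."""
    parts = urlsplit(location.strip())
    if parts.scheme != "file":          # urlsplit lowercases the scheme
        return None
    host = parts.hostname               # file://host/share form
    if not host and parts.path.startswith("//"):
        # file:////host/share is also resolved as a UNC path on Windows
        host = parts.path.lstrip("/").split("/")[0].lower()
    if not host or host == "localhost":
        return None                     # file:///C:/... stays on the local disk
    return host


def flag_redirects(log_lines, trusted_hosts=()):
    """List (client, smb_host) for redirects that point at an untrusted SMB host."""
    trusted = {h.lower() for h in trusted_hosts}
    hits = []
    for line in log_lines:
        fields = line.split(None, 2)
        if len(fields) != 3 or fields[1] not in REDIRECT_CODES:
            continue                    # malformed record or not a redirect
        client, _, location = fields
        host = smb_target(location)
        if host and host not in trusted:
            hits.append((client, host))
    return hits


SAMPLE_LOG = [  # constructed sample records (documentation address ranges)
    "10.0.0.5 302 https://updates.example.com/v2/manifest.xml",
    "10.0.0.8 302 file://198.51.100.7/share/logo.png",
    "10.0.0.9 301 FILE:////203.0.113.9/x",
    "10.0.0.9 200 file://198.51.100.7/not-a-redirect",
    "10.0.0.4 307 file://fileserver.corp.example/docs/a.txt",
    "10.0.0.3 302 file:///C:/Windows/win.ini",
]

if __name__ == "__main__":
    for client, host in flag_redirects(SAMPLE_LOG, ["fileserver.corp.example"]):
        print(f"{client} was redirected to SMB host {host}")
```

The trusted_hosts allow-list mirrors the researchers' suggested fix of refusing authentication to untrusted SMB servers; the same intent is commonly enforced at the network edge by blocking outbound SMB (TCP 139 and 445).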