31478 Industrial Road Suite 200, Livonia, Michigan 48150 sales@xfer.com

XFER Blog

XFER Blog

XFER has been serving the Livonia area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Newly Discovered Vulnerability Gives Reason to Worry for Every Windows User

Newly Discovered Vulnerability Gives Reason to Worry for Every Windows User

A vulnerability has been discovered that affects all versions of Microsoft’s Windows operating system, including the long-unsupported Windows XP, going all the way back to Windows 95. The vulnerability, called BadTunnel, allows attackers to directly bypass system defenses and initiate a man-in-the-middle attack. The vulnerability isn’t limited to just Windows, either; it also affects Internet Explorer, Edge, and other Microsoft software.

This vulnerability is largely being called “probably the widest impact in the history of Windows,” making it quite a big deal indeed. Yang Yu, a security researcher at Tencent’s Xuanwu Lab, is the one responsible for finding the bug, and his actions in doing so were rewarded handsomely; he’s one of the few who have managed to earn more than $100,000 through Microsoft’s “bug bounty” program, and the discovery of BadTunnel netted him a modest $50,000.

Forbes reports: “This vulnerability can be exploited through Edge, Internet Explorer, Microsoft Office and many other third-party software on Windows. It can also be exploited through web servers … or even through thumb drives – insert the thumb drive into one of the ports on the system and the exploitation is complete.”

Perhaps the most disconcerting thing about this vulnerability is that it’s left Windows PCs vulnerable to attacks for the past 20 years. A successful exploit of the flaw can spoof connections over NetBIOS that allows computers to communicate with one another over a local area network. Essentially, the hacker could route traffic on a user’s Windows PC to their own. Forbes explains further: “Not only could the hacker spy on non-encrypted traffic, they could intercept and tamper with Windows Update downloads. And they could inject further attacks in web pages visited by the victim. For instance, they could ensure that the “tunnel” between the target and the hacker would remain open by inserting code into web pages cached by the browser.”

But, fear not - a patch for BadTunnel was issued in Microsoft’s June 14th Patch Tuesday. However, not all businesses automatically deploy patches and updates, so communicate with your IT department to ensure that your business is protected from BadTunnel. If you ignore this vulnerability, there’s a chance that your Windows PCs could be monitored and controlled remotely by malicious entities. You can view the official Microsoft security bulletin here.

Yu believes this vulnerability to be the first of its kind, and it’s understood that Windows users should update as soon as possible. Yet, some users, like those who have Windows XP (still), will be out of luck. In these circumstances, researchers have recommended disabling NetBIOS over TCP/IP. However, it might just be easier, and more secure, to just upgrade to a supported operating system. Whatever you decide to do, XFER has your back.

Yu plans to discuss the finer details of BadTunnel later this month at the 2016 BlackHat Conference in Las Vegas, July 30th through August 4th.

For more technology news and security tips, reach out to XFER at 734-927-6666 / 800-GET-XFER.

Tip of the Week: 5 Easy Ways to Move Several Files...
How Your Business Can Take Advantage of These 4 Mo...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Monday, 23 December 2024

Captcha Image

Customer Login


Cybersecurity Risk Assessment

cybersecurity-audit

Our risk assessment will reveal hidden problems, security vulnerabilities, and other issues lurking on your network.

Request Yours Today!

Contact Us

Learn more about what XFER can do for your business.

XFER Communications, Inc.
31478 Industrial Road Suite 200
Livonia, Michigan 48150