
Cylance researchers have discovered a major vulnerability in the Windows operating system: a new technique for stealing login credentials from any Windows PC, tablet or even server. All major versions of the OS are affected, including the yet-to-be-released Windows 10. Software products from 31 companies are said to be affected by this vulnerability, among them Adobe, Apple, Box, Microsoft, Oracle and Symantec.

The Vulnerability

The Redirect to SMB vulnerability allows attackers to steal sensitive user credentials by hijacking communications with legitimate web servers via a MITM (man-in-the-middle) attack and redirecting them to malicious SMB (Server Message Block) servers, which force the victim's machine to hand over the victim's username, domain and hashed password.


18-Year-Old Bug

In 1997, Aaron Spangler revealed a flaw in Internet Explorer that allowed an attacker to act as a man in the middle and send the victim a URL (via an iframe, an image, or any other web resource resolved by the browser) starting with "file" (such as file://). When the victim clicks this URL, the machine authenticates to the attacker's SMB server automatically, without prompting the user, and thus the attacker gains control of the victim's system and steals credentials. This can be dangerous! The stolen credentials can be used in any number of ways. Microsoft never considered patching this vulnerability reported by Aaron, and thus the bug prevailed for 18 long years.

Cylance researchers stumbled upon this vulnerability while testing ways to attack a chat client's image preview feature.

How this bug turned out to be larger than first thought

This HTTP/HTTPS to SMB redirection turns out to be a major flaw that affects a far larger part of cyberspace than previously thought. Because Windows API functions themselves follow this redirection, the affected area grew manifold. Four major, commonly used Windows API functions were identified and reported to the vendors.

Affected Vendors and their Products

A total of 31 vulnerable software packages were discovered and reported by Cylance. They include:

Widely Used Applications:

Adobe Reader, Apple QuickTime and Apple Software Update (which handles updating for iTunes)

Microsoft Applications:

Internet Explorer, Windows Media Player, Excel 2010, and even Microsoft Baseline Security Analyzer

Antivirus Software:

Symantec's Norton Security Scan, AVG Free, BitDefender Free, Comodo Antivirus

Security Tools:

.NET Reflector, Maltego CE

Team Tools:

Box Sync, TeamViewer

Developer Tools:

GitHub for Windows, PyCharm, IntelliJ IDEA, PhpStorm, JDK 8u31's installer


According to Cylance, Microsoft will release a patch to fix the Redirect to SMB vulnerability, but for the time being users can block outbound traffic on TCP 139 and TCP 445, either at the endpoint firewall or at the network gateway's firewall (assuming you are on a trusted network). The former blocks all SMB communication, which may disable other features that depend on SMB. If the block is done at the network gateway's firewall, SMB features will still work inside the network, while authentication attempts to destinations outside the network are prevented. For more mitigation measures, you can follow the report published by Cylance.
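The endpoint block described above, written as a Windows Firewall rule. This is an added example, not from the article or from Cylance's report; it assumes Windows 8 / Server 2012 or later (the NetSecurity cmdlets) and an elevated PowerShell session. Rather than blocking all SMB, the rule is scoped with the built-in `Internet` address keyword so SMB on the local network keeps working while a redirect to an SMB server outside the network cannot complete the NTLM handshake.

```powershell
# Added example: block outbound SMB (TCP 139/445) to destinations outside the
# local network, mitigating Redirect to SMB while keeping LAN file sharing intact.
# Assumption: run as Administrator on Windows 8 / Server 2012 or newer.

$ruleName = 'Block outbound SMB to Internet (Redirect to SMB mitigation)'

# Remove any earlier copy so the script can be re-run safely
Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue |
    Remove-NetFirewallRule

$params = @{
    DisplayName   = $ruleName
    Direction     = 'Outbound'
    Protocol      = 'TCP'
    RemotePort    = @(139, 445)
    RemoteAddress = 'Internet'   # firewall keyword: addresses not on the local network
    Profile       = 'Any'        # apply on Domain, Private and Public profiles
    Action        = 'Block'
}
New-NetFirewallRule @params | Out-Null

# Verify what was installed: the rule, its port filter and its address scope
$rule = Get-NetFirewallRule -DisplayName $ruleName
$rule | Select-Object DisplayName, Enabled, Direction, Action
$rule | Get-NetFirewallPortFilter    | Select-Object Protocol, RemotePort
$rule | Get-NetFirewallAddressFilter | Select-Object RemoteAddress
```

To mirror the article's stricter option (block all SMB, including on the LAN) set `RemoteAddress = 'Any'` instead, accepting that file sharing and other SMB-dependent features stop working.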
