Microsoft Accounts may leak credentials, says researcher

A researcher has warned in a blog that a long-known vulnerability in Windows’ single-sign on capability for accessing Office 365, One Drive and other Microsoft products may be more serious than previously thought.

A number of security Web sites are picking up the blog — originally written in Russian — which says the problem in the Microsoft Server Message Block (SMB) protocol, affecting all versions of Windows, can leak a Microsoft Account user name and hashed password if the access is attempted through Microsoft products like Explorer or Edge browsers or Outlook.

Briefly, MSPowerusers.com reports the vulnerability could be exploited through a compromised image in a Web page which loads from a SMB network share. The Microsoft product would try and load the network share resource, and and send the active user’s Windows login credentials, username and password to that network share. The username is send in plaintext, and the password as a NTLMv2 hash.

Security Week reports the vulnerability was detailed in a paper at last year’s Black Hat security conference but described at the time as a way to attack Windows. The new wrinkle is the possible leak of credentials.

One defence is to make sure users have hard to crack passwords because the NTLM hash can be broken. Home or small business users could also set firewalls to block the Server Message Block ports.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now