ANTI-HACK, Redirect vulnerability to SMB

Hi friends, today we solve the problem of vulnerability "Redirect to SMB" which was discovered a few days ago and that affects all versions of Windows, including Windows 10.
Vulnerability in Windows applications based on naivety, which will soon feel to log SMB server. At that time data logging are spit out, where the attacker intercepts them for later decryption.
Warning!
Redirect to SMB is a vulnerability that affects many applications and even antivirus programs.
Some examples:
Adobe Reader, Apple QuickTime and Apple Software Update, Internet Explorer, Windows Media Player, Excel 2010, Symantec's Norton Security Scan, Free AVG, BitDefender Free, Comodo Antivirus, Box Sync, TeamViewer, etc.
Perhaps the Microsoft will fix this vulnerability (Redirect to SMB) soon, unfortunately only those with legal Windows will receive this patch.
Those with pirated Windows will have to manually make some settings in the firewall to stop SMB traffic to the outside.
SMB ports are TCP and TCP 139 445.
More details can be found on Redirect to SMB cylance.com blog



Related Tutorials



About Cristian Cismaru

I love everything related to IT & C, I like to share the experience and information that we accumulate every day.
Learn as you learn!

Comments

  1. caisinDonici said

    those with wind. pirated happy not to go this setting, because the firewall is stopped "factory" and when you start it gives you error 0x80070422

    • talking nonsense. most pirated Windows sites are not changed.
      Windows does not have a lot of people changed sites are not at all popular torrent sites, all looking for the original, unmodified. Only that makes it different is activated from the original, from Microsoft.

  2. caisinDonici said

    I found and solved already, was stopped "services" must put on automatically

  3. Thank you "learn"

  4. Thank you very much Cristi, live

  5. unVizitator said

    I think the problem is still not solved .. deorece firewall port from Samba (smb) as those of apache servers, ftp, ssh can be changed. .. it's just a temporary solution must be found another solution to this security bag

  6. I follow many years video tutorials made by you and take this opportunity to mulţumesc.Eu I avast firewall and the Windows dezactivat.Am I checked the firewall settings of avast and noticed that comes already set with blocking these ports TCP and TCP 139 445.Deci it seems that this vulnerability in avast know before.

    • Yes, probably made by a patch update. About this vulnerability was only a few days ago.

      • Costelina said

        Cristi welcome
        My hunch is that only Windows Windows 8 8.1 10 not know it would be possible vulnerability as we have shown in this tutorial that I found in Windows 7 and remote settings every time you turn off and stop the services and remote (pc manage)
        Windows 8 times I found these settings (or maybe I did not know them yet keep looking a not quit)
        Again we all know that Windows comes with 8 Metro interface and there really a suspect be possible vulnerability for all applications in Metro with PC startup automatically logs
        to almost forgot, I met a cuidatenie so when I open a Word document is online and asking me username password settings but I had done what I have listed above in Windows7
        I guess if it does not make them automatically sign?
        thank you

  7. constant said

    Excellent!

  8. I have a Zyxel NSA320S enabled SMB server, is there any danger?

  9. These ports are problems for many years. much work is discovered. with exploits on 445 be entered immediately. Activity recording everything. Windows Worms Doors resolve Cleaner. (Have dedicated menu ... well that it could be the firewall).
    problem calmed when they put UPC / rtc - modem and routers since the majority.
    few cases when the cable net's directly in PC. now go through modems / routers. which routereaza public ip and not in bridge. Not to mention how frequently changing public IPs assigned by your ISP.
    So: problem solved about itself.

    more current problem would be mounted ont rds sites.
    I have not yet. I understood that the user has full access their menu.
    as 2 accounts: the user - in limited settings, and admin - rds not give your password to that subscriber. It is stolen from config ont community. I really sorry that I have not yet mounted ont me and I beat him.
    who has to make a tutorial.

  10. Yes, according to user stefan, ONT subject is topical! RCS-RDS began installing such equipment! I already have an ONT but do not know how it can be accessed! Maybe need a tutorial ONT, fiber optics, etc.!

  11. Sebastian Remus said

    Thank you very much for everything! (Y)

  12. We welcome! For Cristian Cismaru, I would like an opinion: I am interested in a mini pc with android to connect to TV, but have not really found any suggestions or recommendations on the net. I saw that you made a tutorial a while ago, but I find topped model, as others have emerged more powerful. He drew attention to the following: minix neo x8h addition, Orion tronsmart r28 meta and meta aw80 tronsmart draco. As specifications are relatively similar, but the prices there are differences. Mention that use a smart LED TV and a gigabit router FiberLink 200 subscription. Thanks in advance.

    • If the specifications and quality are somewhat similar, you can choose from price and accessories.
      Whatever you choose, there are good tools.

      • We welcome! For Cristian Cismaru, I would like an opinion: I am interested in a mini pc with android to connect to TV, but have not really found any suggestions or recommendations on the net. I saw that you made a tutorial a while ago, but I find topped model, as others have emerged more powerful. He drew attention to the following: minix neo x8h addition, Orion tronsmart r28 meta and meta aw80 tronsmart draco. As specifications are relatively similar, but the prices there are differences. Mention that use a smart LED TV and a gigabit router FiberLink 200 subscription. Thanks in advance.

  13. Thanks for the tutorial and Happy New Year to all named after St. George!

  14. yeah that your Windows is usually full of vulnerabilities. As I said again use Linux and you will be exempt from viruses or vulnerabilities. linux is just a few critical vulnerability has no further update to resolve small problems occur on Linux compared to windousu which appear mair intrzieri update or not. your Windows dust in every regard. and if you put games dual boot is a must when using your Windows Linux rest. Linux is based on 98% of servers are linux and solaris rest other non-your Windows system .. and as I said would need to use linux promoted urged viziatorii

    • I do not know how to do that though I installed Linux Mint 17 8.1 besides windows, all windows in most cases use;))
      We custom grub and put the windows boot first position. There were times when I almost forgot that I had actually installed linux on that PC.
      Or as best Linux security chapter, but a big minus in Chapter accessibility, ease of use, ecosystem of third-party programs available in some cases may be problems with drivers, etc. Let's be honest, the windows of the GUI for almost any thing, while on linux ... kinda know how it is. Simply too can not stand without windows on the PC anyway ... I would not give than to limit myself in too many ways for any twist which may occur subsequently lose 10 times more time trying to solve the problem. For a home user simply not worth it. Speaking of servers, then it is another fish dish.

      • besides mean that you do not know anything and Linux. also searching the forums how to use linux and after a while you sit on it you will see how easy it is accessible to linux. Ubuntu and Linux Mint May alex are for beginners and beyond. Linux is very easy to custom-made. your Windows instead give some examples is limited: to cosutumizare which does not allow you to make a big deal out of the factory and must put on various sites insecure all kind of programs that help cica customization, your Windows is not free and most have cracked versions, cica free from your Windows programs are not always good choice and come with a lot toolbaruri commercials and PROS while on linux 99% of prgrame are free. you're one of the many Romans who you give me something new to say pff bag is not impossible. When I was first setting linux ubuntu linux guy and what's habarnaveam. but I read through the forums and see what I say to one another and compared with your Windows and saw that it's much better since d eprin 2008 2010 if I'm not mistaken I used the first time. Linux has less to say yes so do not go the games and certain programs. but for most programs find a lot linux alternative. May certeaza forums and you personally and see how easy it is and get rid of frequent errors and installation of operating system plus not say it's much faster. Now you choose what you use and if you want

      • yes and I forgot to say the vast majority of pcurilui leptopurilor are drivers for the video card and can folsiii universal driveru coming DEFA (server org). if you have a PC or laptop exotic exotic to say so it could not go wrong. but for the most popular notebook PCs will funcctiona popular used 100%. and about 96 98% of users are doing perfectly linux pc or laptop or notebook :).

        • May specialistule, first learn to express yourself grammatically correct after advice to you but not with gender aberrations compared linux - windows ... .laptop, write grammatically correct

  15. Cristi, can you tell us here or in a separate tutorial which security solutions use / recommend for online payments but also in general for your system?

  16. Thank you for your answer. Ref mini pc android, tronsmart draco has the best specs, go and put linux on it but only has hdmi 1.4, tronsmart Orion is a little cheaper but has hdmi 2.0 (4k) (do not know if it would work on linux it) and minix x8h plus is the most expensive ... Personally I lean toward Orion r28 meta tronsmart. I'd put Splashtop Streamer and I use PC when I need it. What do you think of Christ?

  17. If we Comodo firewall, what settings do? Thanks in advance.

    • axelluny said

      Firewall Ports Wizard Sthealt Block all incoming connections and make my pots stealth for everyone (ulltima option) .Tot time I had something applied and only those ports Kaspesky bothered me in black hole.Respectivele accessing ports are those in which Microsoft makes controlling the eggs so I doubt they will block.

  18. In most cases the pirated Windows can make updates without problems and proposed solution for you but it's good!

  19. salutare.stiu that are off topic, but I have a question: google voice is offline in Romanian?

  20. With Outpost Firewall settings can someone help me?

  21. Howdy,
    How can I make this setting in Privatefirewall?
    Thank you!

  22. Very good tutorial and videotutorial.ro.Mulţumim. But for those who still use Windows XP as it is done? We would be grateful and thankful if we could all give you a Wind Madala as 7, 8, 10. Once again THANK YOU!

Speak Your Mind

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.