A new security flaw discovered in Windows could potentially compromise the security of millions of computers. This error is reported by security firm Cylance, which recently discovered it as a “SMB Redirection” vulnerability or “Redirect to SMB.”
Although the probability of an actual attack scenario occurring is very low, what makes “Redirect to SMB” unique is that it does not rely on the user's ignorance computer.
We know that traditional infections require interaction by the user at the touch of a link sent by the fraudsters. The vulnerability discovered by Cylance can be accomplished by keeping communication on a remote server.
For example, this can be done with an adware-like application or one program which mimics updates of legitimate applications.
Microsoft recognized the vulnerability, but Cylance did not consider it a critical threat.
According to Microsoft, there are a lot of factors that are needed to make use of the weakness.
Microsoft also states that its operating systems are constantly being updated and added security measures to Windows which neutralize such threats, according to NeoWin.
