Authentication, SMB and Windows

CVE-2024-8260: SMB Force-Authentication Vulnerability in OPA Could Lead to Credential Leakage

Tenable

OCTOBER 22, 2024

Tenable Research discovered an SMB force-authentication vulnerability in Open Policy Agent (OPA) that is now fixed in the latest release of OPA. This exploration led us to discover an SMB force-authentication vulnerability (CVSSv3 6.1) affecting all existing versions of OPA for Windows at that time.

SMB

SMB Authentication Policies Open Source

It's 2022. Why do you keep using SMB?

Ivanti

MARCH 4, 2022

During the last 25 years, companies have relied on SMB protocol to allow them to collaborate and centralize corporate documents. The history of SMB (and why it's no longer relevant). The latest iteration, SMB 3.1.1, Windows 10?and?Windows Windows Server 2016. These are the good old shared drives we all know well.

SMB

SMB LAN Authentication Windows

Microsoft’s November 2024 Patch Tuesday Addresses 87 CVEs (CVE-2024-43451, CVE-2024-49039)

Tenable

NOVEMBER 12, 2024

Important CVE-2024-43451 | NTLM Hash Disclosure Spoofing Vulnerability CVE-2024-43451 is a NTLM hash spoofing vulnerability in Microsoft Windows. Successful exploitation would lead to the unauthorized disclosure of a user’s NTLMv2 hash, which an attacker could then use to authenticate to the system as the user.

Windows

Windows Software Review Azure Systems Review

Webinars

Prepare Now: 2025s Must-Know Trends For Product And Data Leaders

From Start to Scale: Driving Growth Through Seamless Payments Implementation

MORE WEBINARS

Microsoft’s September 2024 Patch Tuesday Addresses 79 CVEs (CVE-2024-43491)

Tenable

SEPTEMBER 10, 2024

Critical CVE-2024-43491 | Microsoft Windows Update Remote Code Execution Vulnerability CVE-2024-43491 is a RCE vulnerability in Microsoft Windows Update affecting Optional Components on Windows 10, version 1507 (Windows 10 Enterprise 2015 LTSB and Windows 10 IoT Enterprise 2015 LTSB). Advanced Services ASP.NET 4.6

Windows

Windows Azure Authentication SMB

5 Ways to Protect Scanning Credentials for Windows Hosts

Tenable

MAY 8, 2020

Here, we provide specific guidance for Microsoft Windows systems. When it comes to protecting credentials in a Microsoft Windows Active Directory environment, though, we have specific guidance. When configuring service account(s) for use in credentialed scanning, below are some key considerations unique to Windows hosts.

Windows

Windows SMB Authentication Network

CVE-2022-37958: FAQ for Critical Microsoft SPNEGO NEGOEX Vulnerability

Tenable

DECEMBER 21, 2022

CVE-2022-37958 is a remote code execution (RCE) vulnerability in the SPNEGO NEGOEX protocol of Windows operating systems, which supports authentication in applications. KB5017308: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (September 2022). KB5017328: Windows 11 Security Update (September 2022).

Windows

Windows SMB Authentication Research

Microsoft’s June 2020 Patch Tuesday Addresses 129 CVEs Including Newly Disclosed SMBv3 Vulnerability (CVE-2020-1206)

Tenable

JUNE 9, 2020

The updates this month include patches for Microsoft Windows, Microsoft Edge, ChakraCore, Internet Explorer, Microsoft Office, Microsoft Office Services and Web Apps, Windows Defender, Microsoft Dynamics, Visual Studio, Azure DevOps and Adobe Flash Player. CVE-2020-1194 | Windows Registry Denial of Service Vulnerability.

SMB

SMB Software Review Systems Review Windows

Build RAG-based generative AI applications in AWS using Amazon FSx for NetApp ONTAP with Amazon Bedrock

AWS Machine Learning - AI

SEPTEMBER 17, 2024

We use an Amazon Elastic Compute Cloud (Amazon EC2) Windows server as an SMB/CIFS client to the FSx for ONTAP volume and configure data sharing and ACLs for the SMB shares in the volume. An OpenSearch Serverless vector search collection provides a scalable and high-performance similarity search capability.

Generative AI

Generative AI AWS Applications Serverless

Microsoft’s August 2022 Patch Tuesday Addresses 118 CVEs (CVE-2022-34713)

Tenable

AUGUST 9, 2022

Microsoft Windows Support Diagnostic Tool (MSDT). Role: Windows Fax Service. Role: Windows Hyper-V. Windows Bluetooth Service. Windows Canonical Display Driver. Windows Cloud Files Mini Filter Driver. Windows Defender Credential Guard. Windows Digital Media. Windows Digital Media.

SMB

SMB Azure Windows Disaster Recovery

Microsoft’s March 2022 Patch Tuesday Addresses 71 CVEs (CVE-2022-23277, CVE-2022-24508)

Tenable

MARCH 8, 2022

Microsoft Windows ALPC. Microsoft Windows Codecs Library. Role: Windows Hyper-V. Tablet Windows User Interface. Windows Ancillary Function Driver for WinSock. Windows CD-ROM Driver. Windows Cloud Files Mini Filter Driver. Windows COM. Windows Common Log File System Driver. Windows Media.

Windows

Windows Authentication SMB .Net

Microsoft’s June 2022 Patch Tuesday Addresses 55 CVEs (CVE-2022-30190)

Tenable

JUNE 14, 2022

Microsoft Windows ALPC. Microsoft Windows Codecs Library. Role: Windows Hyper-V. Windows Ancillary Function Driver for WinSock. Windows App Store. Windows Autopilot. Windows Container Isolation FS Filter Driver. Windows Container Manager Service. Windows Defender. Windows Installer.

Windows

Windows Azure Internet SMB

Slack Patches Download Hijack Vulnerability in Windows Desktop App

Tenable

MAY 17, 2019

Tenable Researcher David Wells discovered a vulnerability in Slack Desktop for Windows that could have allowed an attacker to alter where files downloaded within Slack are stored. for Windows. We cannot confirm how many of those are Windows App users. Confirm that your Slack for Windows is updated to version 3.4.0.

Windows

Windows SMB Authentication Malware

From Bugs to Breaches: 25 Significant CVEs As MITRE CVE Turns 25

Tenable

OCTOBER 22, 2024

CVE-2010-2568: Windows Shell Remote Code Execution Vulnerability Remote Code Execution Exploited Zero-Day Local Stuxnet High 2010 Why it’s significant: Regarded as one of the most sophisticated cyberespionage tools ever created, Stuxnet was designed to target SCADA systems in industrial environments to reportedly sabotage Iran's nuclear program.

Software Review

Software Review Windows Groups Network

Microsoft’s April 2022 Patch Tuesday Addresses 117 CVEs (CVE-2022-24521)

Tenable

APRIL 12, 2022

Microsoft Windows ALPC. Microsoft Windows Codecs Library. Microsoft Windows Media Foundation. Role: Windows Hyper-V. Windows Ancillary Function Driver for WinSock. Windows App Store. Windows AppX Package Manager. Windows Cluster Client Failover. Windows Cluster Shared Volume (CSV).

Windows

Windows Systems Review Software Review SMB

Microsoft’s May 2021 Patch Tuesday Addresses 55 CVEs (CVE-2021-31166)

Tenable

MAY 11, 2021

Microsoft Windows Codecs Library. Microsoft Windows IrDA. Windows Container Isolation FS Filter Driver. Windows Container Manager Service. Windows Cryptographic Services. Windows CSC Service. Windows Desktop Bridge. Windows OLE. Windows Projected File System FS Filter. Role: Hyper-V.

Windows

Windows SMB Wireless .Net

Microsoft’s April 2021 Patch Tuesday Addresses 108 CVEs (CVE-2021-28310)

Tenable

APRIL 13, 2021

Microsoft Windows Codecs Library. Microsoft Windows Speech. Windows Application Compatibility Cache. Windows AppX Deployment Extensions. Windows AppX Deployment Extensions. Windows Console Driver. Windows Diagnostic Hub. Windows Early Launch Antimalware Driver. Windows ELAM. DNS Server.

Windows

Windows Azure SMB Report

Microsoft’s July 2021 Patch Tuesday Includes 116 CVEs (CVE-2021-31979, CVE-2021-33771)

Tenable

JULY 13, 2021

Microsoft Windows Codecs Library. Microsoft Windows DNS. Microsoft Windows Media Foundation. Windows Active Directory. Windows Address Book. Windows AF_UNIX Socket Provider. Windows AppContainer. Windows AppContainer. Windows AppX Deployment Extensions. Windows Authenticode.

Windows

Windows Software Review Malware SMB

CISA Directive 22-01: How Tenable Can Help You Find and Fix Known Exploited Vulnerabilities

Tenable

NOVEMBER 10, 2021

From a network scan perspective, fully authenticated assessments are a key part of that process as they provide up to 45 times more findings and insight than uncredentialed assessments (assessments by Nessus Agent are authenticated in terms of plugin coverage). Source: Tenable, November 2021. Causes various plugins to work harder.

Systems Review

Systems Review Software Review Authentication Policies

SMBleed (CVE-2020-1206) and SMBLost (CVE-2020-1301) Vulnerabilities Affect Microsoft SMBv3 and SMBv1

Tenable

JUNE 10, 2020

Three months after an out-of-band patch was released for SMBGhost, aka EternalDarkness (CVE-2020-0796), researchers disclosed two new flaws affecting Microsoft’s Server Message Block (SMB) protocol, including working proof-of-concepts. As a result, Microsoft announced in April 2012 that SMB version 2.2 SMB version 3.1.1

Systems Review

Systems Review Software Review SMB Development Team Review

50 Best HIPAA-Compliant Cloud Storage Solutions

Datica

SEPTEMBER 11, 2019

Amazon FSx for Windows File Server ( @awscloud ). Amazon FSx for Windows File Server offers a fully managed native Microsoft Windows file system so that you can easily migrate your Windows-based applications to AWS. Key Features: Native Windows compatibility. Broadly accessible since it supports the SMB protocol.

Storage

Storage Cloud Backup Disaster Recovery

CTO Universe

CVE-2024-8260: SMB Force-Authentication Vulnerability in OPA Could Lead to Credential Leakage

It's 2022. Why do you keep using SMB?

Microsoft’s November 2024 Patch Tuesday Addresses 87 CVEs (CVE-2024-43451, CVE-2024-49039)

Webinars

Microsoft’s September 2024 Patch Tuesday Addresses 79 CVEs (CVE-2024-43491)

5 Ways to Protect Scanning Credentials for Windows Hosts

CVE-2022-37958: FAQ for Critical Microsoft SPNEGO NEGOEX Vulnerability

Microsoft’s June 2020 Patch Tuesday Addresses 129 CVEs Including Newly Disclosed SMBv3 Vulnerability (CVE-2020-1206)

Build RAG-based generative AI applications in AWS using Amazon FSx for NetApp ONTAP with Amazon Bedrock

Microsoft’s August 2022 Patch Tuesday Addresses 118 CVEs (CVE-2022-34713)

Microsoft’s March 2022 Patch Tuesday Addresses 71 CVEs (CVE-2022-23277, CVE-2022-24508)

Microsoft’s June 2022 Patch Tuesday Addresses 55 CVEs (CVE-2022-30190)

Slack Patches Download Hijack Vulnerability in Windows Desktop App

From Bugs to Breaches: 25 Significant CVEs As MITRE CVE Turns 25

Microsoft’s April 2022 Patch Tuesday Addresses 117 CVEs (CVE-2022-24521)

Microsoft’s May 2021 Patch Tuesday Addresses 55 CVEs (CVE-2021-31166)

Microsoft’s April 2021 Patch Tuesday Addresses 108 CVEs (CVE-2021-28310)

Microsoft’s July 2021 Patch Tuesday Includes 116 CVEs (CVE-2021-31979, CVE-2021-33771)

CISA Directive 22-01: How Tenable Can Help You Find and Fix Known Exploited Vulnerabilities

SMBleed (CVE-2020-1206) and SMBLost (CVE-2020-1301) Vulnerabilities Affect Microsoft SMBv3 and SMBv1

50 Best HIPAA-Compliant Cloud Storage Solutions

Stay Connected