Another critical, EternalBlue-like vulnerability threatens Windows machines worldwide

Alfonso Maruccia

What just happened? A new, potent vulnerability has all that's needed to turn Windows security upside down in millions of computers. The flaw has no official moniker yet and there's already a fix available, but researchers are warning companies to install the latest patches or face the consequences.

The security world still remembers (and dreads) the chaos unleashed by EternalBlue in 2017, when the vulnerability discovered (and stockpiled) by the National Security Agency (NSA) was exploited by the infamous WannaCry and NotPetya attacks (among many others) to hit digital infrastructures all over the world.

Security researchers are now sounding a new alarm regarding another powerful vulnerability in town, one that could be even more dangerous than EternalBlue if left unpatched.

Tracked as CVE-2022-37958, the new flaw works just like EternalBlue and could be exploited to remotely execute malicious code with no authentication required. The bug is "wormable" too, which means it can self-replicate to hit other vulnerable systems. This is exactly the reason why WannaCry and the other 2017 attacks were able to spread so fast.

Unlike EternalBlue, however, CVE-2022-37958 is not limited to the Server Message Block (SMB) protocol, which makes it even more dangerous: the flaw resides in the SPNEGO Extended Negotiation mechanism. SPNEGO is used by client-server software to negotiate which security technology to use.

Thanks to SPNEGO, a client computer and an internet server can decide which protocol to use for authentication; beyond SMB, the list of affected protocols includes RDP, SMTP and HTTP.

The danger posed by CVE-2022-37958 is mitigated by the fact that, unlike with EternalBlue, a fix has already been available for three months.

Microsoft fixed the bug in September 2022 with its monthly Patch Tuesday rollout. At the time, Redmond's analysts classified the flaw as "important," seeing the issue as a potential disclosure of sensitive information and nothing more. After reviewing the code, those same analysts have now assigned a "critical" tag to CVE-2022-37958 and a severity rating of 8.1 – the same as EternalBlue.

The fact that a patch is already available could be an aggravating factor rather than a positive one.

"As we've seen with other major vulnerabilities over the years" like MS17-010 exploited with EternalBlue, IBM security researcher Valentina Palmiotti said, "some organizations have been slow deploying patches for several months or lack an accurate inventory of systems exposed to the internet and miss patching systems altogether."

The threat is still out there, lurking in millions of Windows systems from Windows 7 onward.
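
Added example, not part of the original article: a minimal Python parser that lists the mechanisms a client offers in a SPNEGO NegTokenInit, the negotiation step described above, so a defender can see whether NEGOEX (the Extended Negotiation mechanism) is on offer. The sample token is constructed for illustration and the function names are this example's own; over HTTP the same bytes travel base64-encoded after `Negotiate ` in the `Authorization` header.

```python
SPNEGO_OID = "1.3.6.1.5.5.2"
MECH_NAMES = {"1.2.840.113554.1.2.2": "Kerberos V5",
              "1.3.6.1.4.1.311.2.2.10": "NTLMSSP",
              "1.3.6.1.4.1.311.2.2.30": "NEGOEX"}

def read_tlv(buf, pos, want_tag):
    """Read one DER element at pos; return (value, next_pos) or raise ValueError."""
    if pos + 2 > len(buf) or buf[pos] != want_tag:
        raise ValueError(f"expected tag 0x{want_tag:02x} at offset {pos}")
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("element runs past end of buffer")
    return buf[pos:pos + length], pos + length

def decode_oid(body):
    arcs, val = [], 0
    for b in body:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:  # high bit clear ends this sub-identifier
            arcs.append(val)
            val = 0
    if not arcs:
        raise ValueError("empty or truncated OID")
    first = min(arcs[0] // 40, 2)  # first sub-identifier packs the first two arcs
    return ".".join(map(str, [first, arcs[0] - 40 * first] + arcs[1:]))

def offered_mechs(token):
    """Return the mechanisms a client offers in a SPNEGO NegTokenInit."""
    gss, _ = read_tlv(token, 0, 0x60)  # GSS-API InitialContextToken
    oid, pos = read_tlv(gss, 0, 0x06)
    if decode_oid(oid) != SPNEGO_OID:
        raise ValueError("token is not SPNEGO")
    body = gss[pos:]
    for tag in (0xA0, 0x30, 0xA0, 0x30):  # [0] negTokenInit, SEQUENCE, [0] mechTypes, SEQUENCE OF
        body, _ = read_tlv(body, 0, tag)
    mechs, pos = [], 0
    while pos < len(body):
        oid, pos = read_tlv(body, pos, 0x06)
        dotted = decode_oid(oid)
        mechs.append(MECH_NAMES.get(dotted, dotted))
    return mechs

# Constructed sample token (not captured traffic): NEGOEX, Kerberos V5, NTLMSSP.
SAMPLE_TOKEN = bytes.fromhex(
    "6033" "06062b0601050502" "a029" "3027" "a025" "3023"
    "060a2b06010401823702021e" "06092a864886f712010202" "060a2b06010401823702020a")
```

A raw NTLMSSP blob or a truncated token raises `ValueError` instead of returning a partial list.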


 
Don't use Windows. Problem solved. There is Mac, Linux. Easy.
I use Linux only on all my machines, it's never been easier. Linux has come to the mainstream, even gaming on my 144Hz 4K monitor is great.
 
Don't use Windows. Problem solved. There is Mac, Linux. Easy.
I use Linux only on all my machines, it's never been easier. Linux has come to the mainstream, even gaming on my 144Hz 4K monitor is great.

Only a fool thinks that Linux and MacOS are secure. Guess what: they're not. Yeah, they don't have as many attacks on them, but they also don't have as big of an end-user base as Windows either. If they did, then it would be just as bad for them too, so please stop with the FUD.
 
It never has been.
No operating system is safe. Windows just gets more publicity than MacOS and Linux.

There are three main types of attacks. 1. Direct attack on the OS, 2. Indirect attack via 3rd party software, and 3. Identity (ID) attack. Of all these the ID attack is what hackers are after as this gives them the golden ticket to everything.

Windows, Mac, and Linux are all as safe as each other when patched and used correctly - 90% of all attacks happen because of bad management of those environments.
 
Only a fool thinks that Linux and MacOS are secure. Guess what: they're not. Yeah, they don't have as many attacks on them, but they also don't have as big of an end-user base as Windows either. If they did, then it would be just as bad for them too, so please stop with the FUD.

But, they will remain more secure than Windows as long as they are not the majority. So, his comment is correct, in theory.
 
Only a fool thinks that Linux and MacOS are secure. Guess what: they're not. Yeah, they don't have as many attacks on them, but they also don't have as big of an end-user base as Windows either. If they did, then it would be just as bad for them too, so please stop with the FUD.
"Only a fool thinks that Linux and MacOS are secure"
"yeah they don't have as many attacks on them"

You are contradicting yourself. Typical fool who thinks he knows the best. Learn first more about Mac or Linux architecture and their fundamental differences to Windows. Linux has been made with security and online presence in mind. Windows? Usability and convenience. Convenience is an enemy of security. That's why Linux is perceived as less user friendly, but it is much more secure in normal daily use.
There is a reason why Mac/Linux users don't need anything like "antivirus" (lol).
 
What's the KB number?

"Only a fool thinks that Linux and MacOS are secure"
"yeah they don't have as many attacks on them"

You are contradicting yourself. Typical fool who thinks he knows the best. Learn first more about Mac or Linux architecture and their fundamental differences to Windows. Linux has been made with security and online presence in mind. Windows? Usability and convenience. Convenience is an enemy of security. That's why Linux is perceived as less user friendly, but it is much more secure in normal daily use.
There is a reason why Mac/Linux users don't need anything like "antivirus" (lol).
If you don't have anti-virus on Mac you're a sitting duck. MacOS has 3,100+ vulnerabilities. Like Linux, it has to be patched to be secure from direct attacks. Linux is also becoming more user friendly and opening itself up to the same issues as Windows (Debian has nearly 7,500 vulnerabilities). No matter what operating system you use, it has vulnerabilities, and these let in attackers, typically via user actions, you can be infected and never know it if you don't have some form of AV.
 
"Only a fool thinks that Linux and MacOS are secure"
"yeah they don't have as many attacks on them"

You are contradicting yourself. Typical fool who thinks he knows the best. Learn first more about Mac or Linux architecture and their fundamental differences to Windows. Linux has been made with security and online presence in mind. Windows? Usability and convenience. Convenience is an enemy of security. That's why Linux is perceived as less user friendly, but it is much more secure in normal daily use.
There is a reason why Mac/Linux users don't need anything like "antivirus" (lol).
Calling one a fool while conflating the number of attacks with how secure an OS is says a lot about your cognitive abilities.
 
If you don't have anti-virus on Mac you're a sitting duck. MacOS has 3,100+ vulnerabilities. Like Linux, it has to be patched to be secure from direct attacks. Linux is also becoming more user friendly and opening itself up to the same issues as Windows (Debian has nearly 7,500 vulnerabilities). No matter what operating system you use, it has vulnerabilities, and these let in attackers, typically via user actions, you can be infected and never know it if you don't have some form of AV.
I don't know where you took 7500 number from, sounds like a number of reported open issues (it's open source, wishlist items are reported as "bugs" too).
Every system has 0-day vulnerabilities, that's true. The difference is that Linux or Mac has inherently more secure OS model compared to Windows.
Additionally, on Windows, users every day need to go to search engine and look for their programs they need and download them from various websites. I guess 95% of attacks on Windows are just users installing malware themselves.
On Linux/Mac this is not a problem, because almost all software comes from system repository/store. Software outside of repository are the likes of Steam games. Much more secure than installing ALL your software on Windows from 50 different websites on the Internet.
And lastly, even if Mac/Linux users went and visited some malicious website, downloaded random .exe file will not run because it's for different operating system.
 
"Only a fool thinks that Linux and MacOS are secure"
"yeah they don't have as many attacks on them"

You are contradicting yourself. Typical fool who thinks he knows the best. Learn first more about Mac or Linux architecture and their fundamental differences to Windows. Linux has been made with security and online presence in mind. Windows? Usability and convenience. Convenience is an enemy of security. That's why Linux is perceived as less user friendly, but it is much more secure in normal daily use.
There is a reason why Mac/Linux users don't need anything like "antivirus" (lol).
Neither of my statements you quoted are contradictory.
If I had said that Linux or MacOS have no attacks you'd be correct, but I did not.
And security by obscurity doesn't work anymore, but you keep on thinking that way when your Linux install starts being part of a bot farm without you knowing.
 
I don't know where you took 7500 number from, sounds like a number of reported open issues (it's open source, wishlist items are reported as "bugs" too).
Every system has 0-day vulnerabilities, that's true. The difference is that Linux or Mac has inherently more secure OS model compared to Windows.
Additionally, on Windows, users every day need to go to search engine and look for their programs they need and download them from various websites. I guess 95% of attacks on Windows are just users installing malware themselves.
On Linux/Mac this is not a problem, because almost all software comes from system repository/store. Software outside of repository are the likes of Steam games. Much more secure than installing ALL your software on Windows from 50 different websites on the Internet.
And lastly, even if Mac/Linux users went and visited some malicious website, downloaded random .exe file will not run because it's for different operating system.
Actually 80% of attacks on Windows are identity attacks; typically through social engineering. The remaining 20% are through vulnerabilities.
The nearly 7,500 vulnerabilities are CVEs for Linux (Common Vulnerabilities and Exposures, and are internationally confirmed).
 
Don't use Windows. Problem solved. There is Mac, Linux. Easy.
I use Linux only on all my machines, it's never been easier. Linux has come to the mainstream, even gaming on my 144Hz 4K monitor is great.
It's not problem solved as both of these alternatives have terrible software support.
 
EternalBlue was not a bug. It was a security flaw developed by NSA and incorporated in Windows. So, this new "bug" is most likely the same thing. A deliberate backdoor developed by "security" agencies. But once other actors learn about the backdoor, then they declare it a "bug" and patch all the machines.

The patch of course contains a new security flaw, which only the "security" agencies know how to use. And they use it extensively, until some hacker group discovers it.

After they detect that "unauthorized people", who didn't purchase the right to use that exploit, have started using the backdoor, the news spreads about this "bug". Some "experts" have found the "security flaw" in Windows which needs to be patched. And then all the machines are patched, but the patch contains a new backdoor.

And the cycle starts again.
 
It's not problem solved as both of these alternatives have terrible software support.
You either have paid customer support (Windows) or security 😉
Actually 80% of attacks on Windows are identity attacks; typically through social engineering. The remaining 20% are through vulnerabilities.
The nearly 7,500 vulnerabilities are CVEs for Linux (Common Vulnerabilities and Exposures, and are internationally confirmed).
If we go through that metric, Microsoft has 17000 CVEs.
 