Wednesday, August 7, 2013

Microsoft Security Advisory (2876146) Wireless PEAP-MS-CHAPv2 Authentication Could Allow Information Disclosure

Microsoft announced a security advisory that affects Windows Phone 8 and Windows Phone 7.8.

 "To exploit this issue, an attacker controlled system could pose as a known Wi-Fi access point, causing the targeted device to automatically attempt to authenticate with the access point, and in turn allowing the attacker to intercept the victim's encrypted domain credentials. An attacker could then exploit cryptographic weaknesses in the PEAP-MS-CHAPv2 protocol to obtain the victim's domain credentials. Those credentials could then be re-used to authenticate the attacker to network resources, and the attacker could take any action that the user could take on that network resource."

 Here's the link for suggested actions from Microsoft...

http://technet.microsoft.com/en-us/security/advisory/2876146
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Hack the Box Blue

https://arcy24.medium.com/hack-the-box-blue-f5ae5b602a5c

  • Report: 97% Of Mobile Malware Is On Android. This Is The Easy Way You Stay Safe
    In 2013 Android grew to a very large number: 87%. This was its share of the global smartphone market. It also grew to an even larger one: 97...
  • iVerify
    Pretty neat tool for iOS devices! iVerify is an integrity validator for iOS devices capable of reliably detecting modifications such as mal...
  • Tools/Info:ICMP Types
    ICMP TYPE NUMBERS (last updated 2008-02-13) Registries included below: - ICMP Type Numbers - Code Fields - ICMP Extension Objects Classes Th...