New Windows security vulnerability discovered, Microsoft reassures low threat level

Brad Stephenson

Millions of users' information potentially exposed in recently discovered vulnerability

Researchers at the security firm, Cylance, have found a vulnerability in the Windows operating system that could potentially give hackers users’ login information by intercepting background server requests such as those used when programs check to see if a software update is available online.

The vulnerability, named ‘Redirect to SMB’, is apparently very similar to one that was found in the 1990s that required users to click on suspicious links within emails or on a website — though requires next to no activity from the user this time around.

While hearing about a new security flaw may initially cause concern, this particular vulnerability has so far only been discovered in the laboratory and there is no evidence to suggest that anyone has ever used it and Microsoft has stated that it’s not as big a threat to security as it first appears and requires very specific parameters for it to occur. Microsoft also reminds everyone of several features in Windows, like Extended Protection for Authentication, “which enhances existing defenses for handling network connection credentials.”

Microsoft updates its Windows platform on a fairly regular basis to increase its security and stability. To ensure your device has the most secure version of Windows, be sure to enable automatic updates in the system settings.

Is Windows security something you worry about or is it not even an issue? Let us know in the comments!