Windows 存在 Redirect to SMb 漏洞，所以不要亂點 file:// 的連結

(圖片來自 SPEAR – Redirect to SMB)

怎麼攻擊

就是你點了 file://xxxxxxx 連結， 然後被了中間人攻擊，認證動作被導到不明的 server，windows 就自動的認同這台 server。這個能被偷到帳號密碼。

誰被影響

1. Many widely used applications: Adobe Reader, Apple QuickTime and Apple Software Update that handles iTunes updates
2. Microsoft Applications: Internet Explorer, Windows Media Player, Excel 2010, and even Microsoft Baseline Security Analyzer
3. Developer Tools: Github for Windows, PyCharm, IntelliJ IDEA, PHP Storm and JDK 8u31’s installer
4. Security Tools: .NET Reflector and Maltego CE
   Antivirus Software: Symantec’s Norton Security Scan, AVG Free, BitDefender Free and Comodo Antivirus
5. Team Tools: Box Sync and TeamViewer

怎麼防護

1. 關閉內到外的 TCP 139 port 及 TCP 445 port
2. 更新軟體
3. 使用強一點的密碼

參考 18-year-old Unpatched Vulnerability Affects All Versions of Microsoft Windows