Windows 95 bug leaks your Windows account online

2 minute read

Recently, hackers discovered an old bug in both Windows 8 and 10 with the ability to leak the username and password associated with your Microsoft Account using through Edge or Outlook.

This flaw lets hackers include an image on a page that loads from a SMB network share. Edge or Outlook loads the network share and allows access to the network using Windows credentials. The username is sent in plain text while the password is converted to a NTLMv2 hash.

This is indeed worrying, and many people are wondering what they can do in order to protect their usernames and passwords. According to specialists and researchers, there are three main things that you can do. The first of them is to avoid connecting to various websites using any Microsoft software. Cut off Edge and Outlook from your list of programs to access the web and you will a little bit safer — though not completely.

The second thing you can do in order to be safer is to change your password to a stronger one. In general, long passwords that contain a variety of characters are harder to crack, even though it might be inconvenient to you to memorize them or write them down. The third and last thing recommended is to enable your firewall to block every SMB ports it finds. Make sure you enable egress filters for ports 137, 138, 139 and 445 and that you drop any IPs that lead to any of those ports. However, this is a solution for home users, not business ones.

RELATED STORIES YOU NEED TO CHECK OUT:

For various PC problems, we recommend to use this tool.

This tool will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Quickly fix PC issues and prevent others from happening with this software:

  1. Download this PC Repair Tool with Patended Technologies
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues (requires upgrade).