If you use Windows 7 or the newly released Windows 8, and like to password your account, this might be worrying news for you. It's been revealed that recent Windows OS' store password hints in such a way that makes it almost effortless for a remote user to decrypt them, potentially making it easy for them to guess your password.
According to an article at Ars Technica, Windows stores the password clues in the OS registry in a scrambled form which can worryingly be converted to a straightforward and readable format. This specific vulnerability would be useful for a remote hacker who has perhaps intercepted a cryptographic hash of the targetted computer in question.
The vulnerability was recently found by a SpiderLabs researcher named Jonathan Claudius, who posted an automated script and posted it to a website called Metasploit, which specialises in Penetration Testing Software. He says that "although this stuff looked a bit unreadable on the surface we can now see that it can clearly be decoded and could be used by tools that extract the information from the SAM."
To put this in perspective, the security flaw allows a hacker to gain access to the password hint that a user has set, only through initiating a different attack beforehand. The user's actual password is never decrypted, but this vulnerability does make it easier to guess for a remote user wanting to gain access. It is worrying however, that the information was apparently gained through an only eight-line Ruby script which decoded the text.
Microsoft have yet to comment on the discovery of this latest vulnerability to Windows account security.
Source: Ars Technica | Image via SpiderLabs
43 Comments - Add comment