Comments on: Large scale Windows SMB vulnerability puts user login credentials at risk https://www.emsisoft.com/en/blog/15419/large-scale-windows-smb-vulnerability-puts-user-login-credentials-at-risk/ Straight-talking security advice from the Malware Experts Sat, 01 Jan 2022 22:39:24 +0000 hourly 1 By: Glenn McGrew II https://www.emsisoft.com/en/blog/15419/large-scale-windows-smb-vulnerability-puts-user-login-credentials-at-risk/#comment-432484 Sat, 02 May 2015 14:16:00 +0000 http://blog.emsisoft.com/?p=15419#comment-432484 In reply to Robert Burger.

Thanks, I fixed it!

]]>
By: Robert Burger https://www.emsisoft.com/en/blog/15419/large-scale-windows-smb-vulnerability-puts-user-login-credentials-at-risk/#comment-432137 Fri, 01 May 2015 17:28:00 +0000 http://blog.emsisoft.com/?p=15419#comment-432137 In reply to Glenn McGrew II.

Last line where it says, “TCP ports 139 & 449”.
Believe it should say, “TCP ports 139 & 445”.

]]>
By: Glenn McGrew II https://www.emsisoft.com/en/blog/15419/large-scale-windows-smb-vulnerability-puts-user-login-credentials-at-risk/#comment-424776 Fri, 17 Apr 2015 07:18:00 +0000 http://blog.emsisoft.com/?p=15419#comment-424776 Windows 7:
Click Start >> Control Panel >> Windows Firewall
On the far left side, click “Advanced Settings”. A new window will open.
On the far left side, click “Outbound Rules.”
On the far right side, click “New Rule…” A new window will open.
A list of choices with radio (round) buttons will appear. Click “Port”, and then the “Next >” button.
You will see 2 pairs of choices on the new screen. For the upper pair, it should be set to “TCP”. For the lower pair, it should be set to “Specific remote ports:” and you should click in the white data entry field to the right of it.
Type in “139, 445” (but not the quotation marks – there is an example below the field if you’re confused). Then click the “Next >” button.
It should be set to “Block the connection.” Then click the “Next >” button.
All options should be check-marked. Then click the “Next >” button.
For the name, type something you’ll understand later, like “SMB Vulnerability Fix”.
For the description, again type something you’ll understand later, like “Blocks outgoing TCP ports 139 & 449”. Then click the “Finish” button.

]]>
By: Glenn McGrew II https://www.emsisoft.com/en/blog/15419/large-scale-windows-smb-vulnerability-puts-user-login-credentials-at-risk/#comment-424775 Fri, 17 Apr 2015 07:04:00 +0000 http://blog.emsisoft.com/?p=15419#comment-424775 So Bitdefender AV Free, the company which Emsisoft partnered with for your dual-engine technology, has this problem? Any idea when this will be resolved?

It might be nice to explain to readers how to block those ports in Windows Firewall….

]]>
By: Tauseef https://www.emsisoft.com/en/blog/15419/large-scale-windows-smb-vulnerability-puts-user-login-credentials-at-risk/#comment-424758 Fri, 17 Apr 2015 06:15:00 +0000 http://blog.emsisoft.com/?p=15419#comment-424758 Here they should try vpn which is best for this purpose and specially they can get from vpnranks .com

]]>
By: B.Cord Edleman Jr https://www.emsisoft.com/en/blog/15419/large-scale-windows-smb-vulnerability-puts-user-login-credentials-at-risk/#comment-424755 Fri, 17 Apr 2015 05:28:00 +0000 http://blog.emsisoft.com/?p=15419#comment-424755 You could also just use a VPN. ;)

]]>