Your IT Consultant

Default Chrome Setting Can Expose Windows Credentials

May 23, 2017

Another day, another hack. We just saw how WannaCry exploited a Windows system using the SMB protocol. The SMB file sharing protocol has also been used to leak authentication credentials. Usually, the SMB attacks are limited to the local network. There have been no publicly demonstrated SMB authentication related attacks on browsers other than Internet Explorer and Edge in the past decade. I'm hearing another reason not to use Edge or IE. However, Chrome has a problem with its default configuration. The Chrome browser will automatically download files that it deems safe without prompting the user for a download location but instead using the preset one according to a post on Help Net Security. Read the whole post to get all the technical details.

As I've said many times…update, update, update and change the defaults. To disable automatic downloads in Chrome, go to Settings -> Show advanced settings -> Check the Ask where to save each file before downloading option. This will significantly decrease the attacks described in the post.

E-mail: Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
https://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://www.senseient.com