The details of the vulnerability were covered in my previous post. In this one I would like to briefly talk about the impact. Obviously, the vulnerability is very simple. Simple yet effective. However, this is not the type of vulnerability someone can exploit on a massive scale. Here is why.
The key element of the attack vector presented in my previous post is the attackers’ ability to point the victim to a file hosted on a NETBIOS share. [...]