Weak Password Encryption Exposed in Windows '95
[13 December 1995] The Automated Systems Security Incident Support Team
(ASSIST) announced that Microsoft's implementation of a stream cipher
encryption algorithm for .PWL files has produced easily broken
encryption. The report was prompted by the release on the Internet of
software that could break this encryption. The .PWL files contain
Windows 95 Resource passwords, including access information for remote
hosts. Resources possibly affected by passwords in .PWL files include,
but are not limited to, the following:
- Password-protected folders, directories, or printers for any
accessible Windows 95 system.
- Remote computers accessed either through the network or through
other access techniques (e.g., ftp, telnet, Kermit).
- Windows NT computers that do not participate in a domain,
or the Windows NT logon password if the NT system is not
the Primary Network Logon Server.
- NetWare Servers.
In response, Microsoft has released an updated security component to upgrade
the encryption used; see URL
http://www.microsoft.com/windows/software/mspwlupd.htm
for details.