A critical zero-day vulnerability affecting all Windows versions from 7 to 11, and Server 2008 R2 to 2022, has been discovered. This flaw allows attackers to steal NTLM credentials simply by having a user view a malicious file in Windows Explorer; opening a shared folder, inserting a USB drive, or even browsing the Downloads folder could trigger the exploit. The vulnerability, discovered by 0patch researchers, doesn't require users to open or execute the file – merely viewing it is enough to compromise credentials. This highlights the ongoing risk posed by zero-day exploits and the importance of robust security patches and awareness programs.
0patch has reported the issue to Microsoft and has released free micropatches to mitigate the risk until an official fix is available. This is the third zero-day vulnerability 0patch has identified recently, with previous issues, including a Windows Theme file vulnerability and a ‘Mark of the Web’ bypass, still awaiting official Microsoft patches. The NTLM protocol itself has several known issues that Microsoft has chosen not to address, further emphasizing the need for proactive security measures and potentially alternative authentication methods. Organizations are urged to apply the available micropatches and consider additional security precautions.