Security News > 2023 > May > Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft

The vulnerability, tracked as CVE-2023-29324, has been described as a security feature bypass.
Akamai security researcher Ben Barnea, who discovered and reported the bug, noted that all Windows versions are affected, but pointed out Microsoft, Exchange.
"An unauthenticated attacker on the internet could use the vulnerability to coerce an Outlook client to connect to an attacker-controlled server," Barnea said in a report shared with The Hacker News.
"This results in NTLM credentials theft. It is a zero-click vulnerability, meaning it can be triggered with no user interaction."
"This vulnerability is yet another example of patch scrutinizing leading to new vulnerabilities and bypasses," Barnea said.
In order to stay fully protected, Microsoft is further recommending users to install Internet Explorer Cumulative updates to address vulnerabilities in the MSHTML platform and scripting engine.
News URL
https://thehackernews.com/2023/05/experts-detail-new-zero-click-windows.html
Related news
- Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) (source)
- New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
- Microsoft Patches 125 Flaws Including Actively Exploited Windows CLFS Vulnerability (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) (source)
- Microsoft: Windows CLFS Vulnerability Could Lead to ‘Widespread Deployment and Detonation of Ransomware’ (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-09 | CVE-2023-29324 | Unspecified vulnerability in Microsoft products Windows MSHTML Platform Security Feature Bypass Vulnerability | 6.5 |