Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft
The vulnerability, tracked as CVE-2023-29324, has been described as a security feature bypass.
Akamai security researcher Ben Barnea, who discovered and reported the bug, noted that all Windows versions are affected, but pointed out Microsoft, Exchange.
"An unauthenticated attacker on the internet could use the vulnerability to coerce an Outlook client to connect to an attacker-controlled server," Barnea said in a report shared with The Hacker News.
"This results in NTLM credentials theft. It is a zero-click vulnerability, meaning it can be triggered with no user interaction."
"This vulnerability is yet another example of patch scrutinizing leading to new vulnerabilities and bypasses," Barnea said.
To stay fully protected, Microsoft further recommends that users install Internet Explorer Cumulative updates to address vulnerabilities in the MSHTML platform and scripting engine.
News URL
https://thehackernews.com/2023/05/experts-detail-new-zero-click-windows.html
Related news
- Windows Themes zero-day bug exposes users to NTLM credential theft (source)
- Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials (source)
- Exploit released for new Windows Server "WinReg" NTLM Relay attack (source)
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)
- Patching problems: The “return” of a Windows Themes spoofing vulnerability (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-09 | CVE-2023-29324 | Unspecified vulnerability in Microsoft products Windows MSHTML Platform Security Feature Bypass Vulnerability | 6.5 |