Security News > 2024 > December > New Windows zero-day exposes NTLM credentials, gets unofficial patch

New Windows zero-day exposes NTLM credentials, gets unofficial patch

2024-12-06 16:32

A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. [...]

News URL

https://www.bleepingcomputer.com/news/security/new-windows-zero-day-exposes-ntlm-credentials-gets-unofficial-patch/

#credential #ntlm #patch #windows #zeroday

Related news

New Windows zero-day leaks NTLM hashes, gets unofficial patch (source)
Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017 (source)
New Windows zero-day exploited by 11 state hacking groups since 2017 (source)
APTs have been using zero-day Windows shortcut exploit for eight years (ZDI-CAN-25373) (source)
EncryptHub linked to MMC zero-day attacks on Windows systems (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.