Security News > 2024 > December > New Windows zero-day exposes NTLM credentials, gets unofficial patch

New Windows zero-day exposes NTLM credentials, gets unofficial patch

2024-12-06 16:32

A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. [...]

News URL

https://www.bleepingcomputer.com/news/security/new-windows-zero-day-exposes-ntlm-credentials-gets-unofficial-patch/

#credential #ntlm #patch #windows #zeroday

Related news

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor (source)
RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks (source)
Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
New Windows Server 2012 zero-day gets free, unofficial patches (source)
Microsoft says premature patch could make Windows Recall forget how to work (source)
Micropatchers share 1-instruction fix for NTLM hash leak flaw in Windows 7+ (source)
Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws (source)
Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast (source)
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.