Security News > 2024 > December > New Windows zero-day exposes NTLM credentials, gets unofficial patch

New Windows zero-day exposes NTLM credentials, gets unofficial patch

2024-12-06 16:32

A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. [...]

News URL

https://www.bleepingcomputer.com/news/security/new-windows-zero-day-exposes-ntlm-credentials-gets-unofficial-patch/

#credential #ntlm #patch #windows #zeroday

Related news

Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast (source)
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
Windows Patch Tuesday hits snag with Citrix software, workarounds published (source)
7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now (source)
Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day (source)
Don't want your Kubernetes Windows nodes hijacked? Patch this hole now (source)
Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials (source)

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.