A critical NTLM zero-day vulnerability in Windows allows attackers to steal credentials by viewing a malicious file, impacting users.
A critical zero-day vulnerability in Microsoft Windows exposes millions of users to NTLM credential theft. Affecting Windows 7 to Windows 11 24H2, the flaw allows attackers to steal login credentials by merely viewing a malicious file in Windows Explorer, without opening it. This compromises sensitive systems, data, and networks.
The vulnerability, which targets the NTLM credential stealing, is the third serious zero-day in recent months affecting the Windows OS, the Personal and the Server editions, the MOTW bypass, and the Windows Theme exploit. This weakness can be turned into a threat and result in lateral movement in the network, escalating privileges, and, eventually, complete system compromise.
Microsoft has not yet released the official patch, but National CERT has provided the most important measures to prevent this risk.
