According to Neowin , a new zero-day vulnerability has just been discovered on all versions of Windows operating systems, from Windows 7, Server 2008 R2 to the latest Windows 11 24H2 and Server 2022. This vulnerability allows attackers to steal users' NTLM (New Technology LAN Manager) credentials with just a malicious file.
Multiple Windows versions affected by NTLM zero-day vulnerability
PHOTO: CYBER INSIDER SCREENSHOT
Dangerous zero-day vulnerability has a temporary patch
NTLM is an older authentication protocol and Microsoft has recommended users move to more modern and secure authentication methods.
According to 0patch, the security research team that discovered the vulnerability and released an unofficial patch, users can be attacked when viewing a malicious file in Windows Explorer, for example, opening a shared folder, USB or Downloads folder containing this file.
What's worrying is that even the latest Windows 11 24H2 version is affected. Microsoft has been notified of the vulnerability but has yet to release an official patch.
Currently, 0patch is also testing a patch for Windows Server 2025, the latest version just released by Microsoft in November.
Windows users are advised to update to the unofficial patch from 0patch to protect themselves from the risk of having their login credentials stolen. To download the patch, users can visit 0patch Central at www.central.0patch.com/auth/login and register for a free account.
Source: https://thanhnien.vn/lo-hong-zero-day-moi-dang-de-doa-moi-phien-ban-windows-18524120711530707.htm
Comment (0)