New Windows NTLM Zero-Day Exposes Credentials, Unofficial Patch Released

by Justin Erickson

A newly discovered Windows zero-day vulnerability allows attackers to leak NTLM hashes and hijack credentials simply by tricking users into viewing a malicious file in File Explorer. This flaw, which remains unpatched by Microsoft, exploits a weakness in NTLM (New Technology LAN Manager) authentication, allowing attackers access to sensitive information like passwords and logins. A third-party, unofficial patch has been released by 0patch to mitigate the vulnerability until Microsoft provides an official fix. If your system is affected, implement the third-party patch, avoid opening untrusted files, and disable NTLM authentication. No CVE has been assigned to this vulnerability yet.