By Francis Uliel
– Published on December 16, 2024 at 4:00 p.m.
Alarm to Windows users: a terrible zero-day vulnerability hits all versions of the operating system, including the very recent Windows 11 24H2. Networks are shuddering as hackers actively exploit this critical flaw to steal NTLM credentials by simply viewing files.
An alarmingly serious zero-day vulnerability was recently discovered affecting all versions of Windows, including Windows 11 24H2. This flaw allows the theft of authentication credentials simply by viewing a malicious file, thus putting user data at risk without any action on their part. The company 0patch has released a temporary fix, but no official solution has yet been offered by Microsoft.
Your Windows credentials at risk, a flaw allows them to be stolen in just one click
In the digital world where threats are constantly evolving, a new vulnerability has hit the most used platform in the world: Microsoft Windows. All versions of the operating system, from Windows 7 to Windows 11 24H2, are affected by this security flaw. It alone allows the immediate theft of a user’s NTLM identifiers.
The method of executing this flaw is extremely simple and surprising. A user could have their credentials stolen simply by viewing a malicious file through Windows Explorer. Whether through an infected USB drive, a shared folder or a downloaded file, the risk is omnipresent.
Windows under pressure, critical NTLM flaw puts your credentials at great risk
NTLM credentials are crucial in the Windows authentication system. Their capture by malicious people would either immediately usurp the user’s identity, or carry out a brute force attack in order to discover the password in clear text. In the absence of an official patch from Microsoft, this situation is all the more worrying for IT infrastructures using the Windows system.
Similar precedents
This type of vulnerability is not new. Similar flaws, such as PetitPotam and PrinterBug, continue to persist without definitive fixing, leaving a large number of users in a vulnerable situation despite growing awareness of cybersecurity threats.
An emergency solution to the NTLM flaw, this temporary fix can protect you
Faced with this threat and the lack of immediate reaction from Microsoft, the 0patch team took the lead by developing a temporary and unofficial fix. Although this solution is not definitive, it provides a temporary reprieve until Microsoft acts to officially address this vulnerability.
At the same time, Microsoft is encouraging users and businesses to migrate to more modern authentication methods, gradually abandoning the NTLM protocol, considered obsolete in terms of security. However, this transition takes time; As a result, applying 0patch is strongly recommended to reduce risks.
Stay vigilant
While awaiting an official patch, it is crucial for users to exercise increased vigilance, especially when accessing shared folders or plugging in external devices. Cybersecurity always relies on the combination of advanced technologies and best practices by users themselves. Being aware of threats already means facing them with more serenity.
