Summary: A new Windows zero-day vulnerability allows remote attackers to steal NTLM credentials by getting users to view malicious files in Windows Explorer. Although not classified as critical, the flaw affects all Windows versions and has been exploited in real-world attacks. Free unofficial patches are available through the 0patch service until official fixes from Microsoft are released.
Affected: All versions of Windows and Windows Server
Keypoints:
- New SCF file NTLM hash disclosure vulnerability discovered, affecting Windows 7 to Windows 11 and Server 2008 R2 to Server 2025.
- Attackers can trick victims into viewing malicious files to obtain NTLM credentials, facilitating further network access.
- ACROS Security provides free micropatches until Microsoft issues official fixes, encouraging users to set up the 0patch agent for automatic patching.