A recently discovered zero-day vulnerability in Microsoft's NT LAN Manager (NTLM) protocol presents major security risks, with a patch scheduled for release in April 2025.
A recently discovered zero-day vulnerability in Microsoft's NT LAN Manager (NTLM) protocol presents major security risks, with a patch scheduled for release in April 2025.
This vulnerability, affecting all Windows versions from Windows 7 through Windows 11, allows attackers to capture NTLM authentication hashes, which could allow hackers to gain unauthorized access to systems.
The vulnerability was first identified by ACROS Security while they were addressing a related issue, CVE-2024-38030, which involved a Windows Themes impersonation vulnerability that Microsoft patched in July 2024.
This new vulnerability is similar to previous ones, where attackers can trick a device into sending NTLM hashes to an attacker's system.
Microsoft knows about the issue and plans to release a patch in April 2025. In the meantime, the company recommends disabling NTLM where feasible or restricting its use through group policies.
Implementing additional security measures, such as SMB signing and Extended Protection for Authentication, can also help mitigate the risk.
Organizations are encouraged to assess their reliance on NTLM and promptly apply the recommended mitigations to reduce potential vulnerabilities. Additionally, it is imperative to stay informed about updates from Microsoft to ensure the ongoing security of systems
Want your digital assets to be protected?
CyberShelter provides innovative and modern cybersecurity products and niche services to individuals and organization against all kinds of cyber threats.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.