#1
A zero-day vulnerability in Windows allows NTLM credentials to be intercepted. To exploit it, an attacker only needs to trick the user into viewing a malicious file in Windows Explorer. There is no official fix for this problem yet.

The new vulnerability, which has not yet been assigned a CVE identifier, was discovered by specialists at 0patch. As a reminder, 0patch is a platform designed specifically for such situations: fixing 0-day and other unpatched vulnerabilities, supporting products that are no longer supported by their manufacturers, updating custom software, and so on.

According to 0patch, the new problem affects all versions of Windows, from Windows 7 and Server 2008 R2 to the latest Windows 11 24H2 and Server 2022.

The specialists are not disclosing the technical details of the bug until Microsoft releases an official fix, to prevent widespread exploitation of the vulnerability by attackers. However, the researchers explained that to carry out the attack, it is enough to get the user to view a specially prepared malicious file in File Explorer.

0patch reports that, as usual, it has prepared a free micropatch for the new 0-day, which will be available to all users of the platform until Microsoft releases an official fix. To get the unofficial patch, it is enough to create a free account on 0patch Central and launch a free trial version of the product.

Source: https://blog.0patch.com/2024/12/url-file...osure.html