EN
EN DE
EN
EN DE
Contact Us
Sign Up
Topics
Finance & insurance
Trade
Industry
IT & Consulting
Tourism
Transport
Law
Public

Critical Windows Zero-Day Alert: No Patch Available Yet for Users

0
Share:

Protect your systems with automated patching and server hardening strategies to defend against vulnerabilities like the NTLM zero-day. Stay proactive and secure your business.

Protect your systems with automated patching and server hardening strategies to defend against vulnerabilities like the NTLM zero-day. Stay proactive and secure your business.

A newly discovered Windows zero-day vulnerability exposes users across multiple Windows versions to credential theft. Discovered by 0patch researchers, this critical security flaw allows attackers to steal NTLM credentials through a deceptive yet simple method.

What Makes This Vulnerability Dangerous?

Widespread Impact

The vulnerability affects a wide range of Windows systems, including:

  • Windows Server 2022
  • Windows 11 (up to v24H2)
  • Windows 10 (multiple versions)
  • Windows 7 and Server 2008 R2

Exploitation Mechanism

Technical details of the vulnerability are withheld to minimize exploitation risk until Microsoft issues a fix to minimize any further risk of exploitation.

The vulnerability enables attackers to steal a user’s NTLM credentials by luring them into opening a malicious file in Windows Explorer.

Attackers can trigger the vulnerability through minimal user interaction:

  • Opening a shared folder
  • Accessing a USB disk
  • Simply viewing a malicious file in Windows Explorer
  • Accessing the Downloads folder with a strategically placed file

The Broader Context of Unpatched Vulnerabilities

This isn’t an isolated incident. The same research team has previously identified multiple unresolved Windows vulnerabilities, including:

  • Windows Theme file issue
  • “Mark of the Web” vulnerability
  • “EventLogCrasher” vulnerability
  • Three NTLM-related vulnerabilities (PetitPotam, PrinterBug/SpoolSample, and DFSCoerce)

0patch Micropatches

0patch is offering a free micropatch for the latest NTLM zero-day to all users registered on its platform until Microsoft releases an official fix. The security micropatch has already been automatically deployed to PRO and Enterprise accounts, except in cases where configurations explicitly block automatic updates.

“The impact on enterprises using outdated and legacy infrastructure is more significant than the simple impact on operating costs, said Jim Routh,” Chief Trust Officer at cybersecurity company Saviynt. “In this case, the obsolete authentication application (NTLM) from MS enables threat actors to steal Windows credentials potentially compromising customer experience.”

Focusing on the proactive approach

Automated patch management, like the protection provided to PRO and Enterprise accounts through 0patch, is a great start, but organizations need to do more. Implementing strong server-hardening strategies can add multiple layers of defence by setting consistent security configurations across all systems.

This proactive approach goes beyond simply reacting to vulnerabilities, helping businesses stay protected against threats like the recent NTLM zero-day vulnerability.

Source

Leave a Comment

Your email address will not be published. Required fields are marked *

loader-image
London, GB
10:30 am, Apr 22, 2025
weather icon 13°C
L: 12° | H: 14°
few clouds
Humidity: 72 %
Pressure: 1017 mb
Wind: 8 mph SW
Wind Gust: 0 mph
UV Index: 0
Precipitation: 0 mm
Clouds: 20%
Rain Chance: 0%
Visibility: 10 km
Sunrise: 5:49 am
Sunset: 8:07 pm
DailyHourly
Daily ForecastHourly Forecast
Today 10:00 pm
weather icon
12° | 14°°C 0 mm 0% 11 mph 76 % 1017 mb 0 mm/h
Tomorrow 10:00 pm
weather icon
8° | 11°°C 1 mm 100% 12 mph 94 % 1018 mb 0 mm/h
Thu Apr 24 10:00 pm
weather icon
8° | 16°°C 0.71 mm 71% 5 mph 91 % 1023 mb 0 mm/h
Fri Apr 25 10:00 pm
weather icon
8° | 17°°C 0.2 mm 20% 7 mph 90 % 1023 mb 0 mm/h
Sat Apr 26 10:00 pm
weather icon
11° | 18°°C 1 mm 100% 7 mph 98 % 1023 mb 0 mm/h
Today 1:00 pm
weather icon
14° | 15°°C 0 mm 0% 8 mph 64 % 1017 mb 0 mm/h
Today 4:00 pm
weather icon
16° | 17°°C 0 mm 0% 10 mph 49 % 1016 mb 0 mm/h
Today 7:00 pm
weather icon
14° | 14°°C 0 mm 0% 11 mph 56 % 1016 mb 0 mm/h
Today 10:00 pm
weather icon
10° | 10°°C 0 mm 0% 7 mph 76 % 1016 mb 0 mm/h
Tomorrow 1:00 am
weather icon
10° | 10°°C 0 mm 0% 7 mph 77 % 1014 mb 0 mm/h
Tomorrow 4:00 am
weather icon
9° | 9°°C 1 mm 100% 10 mph 94 % 1012 mb 0 mm/h
Tomorrow 7:00 am
weather icon
8° | 8°°C 1 mm 100% 11 mph 93 % 1011 mb 0 mm/h
Tomorrow 10:00 am
weather icon
8° | 8°°C 1 mm 100% 9 mph 93 % 1012 mb 0 mm/h
Weather from OpenWeatherMap
Name Price24H (%)
Bitcoin(BTC)
€76,750.98
1.20%
Ethereum(ETH)
€1,411.93
-1.08%
Tether(USDT)
€0.87
0.00%
XRP(XRP)
€1.82
-1.55%
Solana(SOL)
€120.99
-0.64%
USDC(USDC)
€0.87
0.00%
Dogecoin(DOGE)
€0.142672
1.51%
Shiba Inu(SHIB)
€0.000011
-1.08%
Pepe(PEPE)
€0.000007
3.46%
Risikomonitor
Know and monitor IT vulnerabilities with just one click before it is too late.

Utility link

Useful link

Newsletter

Follow Us

Facebook Twitter Youtube Linkedin

© 2025 risikomonitor.com gmbh

Scroll to Top