Critical Windows Zero-Day Alert: No Patch Available Yet for Users

Share:

Protect your systems with automated patching and server hardening strategies to defend against vulnerabilities like the NTLM zero-day. Stay proactive and secure your business.

Protect your systems with automated patching and server hardening strategies to defend against vulnerabilities like the NTLM zero-day. Stay proactive and secure your business.

A newly discovered Windows zero-day vulnerability exposes users across multiple Windows versions to credential theft. Discovered by 0patch researchers, this critical security flaw allows attackers to steal NTLM credentials through a deceptive yet simple method.

What Makes This Vulnerability Dangerous?

Widespread Impact

The vulnerability affects a wide range of Windows systems, including:

  • Windows Server 2022
  • Windows 11 (up to v24H2)
  • Windows 10 (multiple versions)
  • Windows 7 and Server 2008 R2

Exploitation Mechanism

Technical details of the vulnerability are withheld to minimize exploitation risk until Microsoft issues a fix to minimize any further risk of exploitation.

The vulnerability enables attackers to steal a user’s NTLM credentials by luring them into opening a malicious file in Windows Explorer.

Attackers can trigger the vulnerability through minimal user interaction:

  • Opening a shared folder
  • Accessing a USB disk
  • Simply viewing a malicious file in Windows Explorer
  • Accessing the Downloads folder with a strategically placed file

The Broader Context of Unpatched Vulnerabilities

This isn’t an isolated incident. The same research team has previously identified multiple unresolved Windows vulnerabilities, including:

  • Windows Theme file issue
  • “Mark of the Web” vulnerability
  • “EventLogCrasher” vulnerability
  • Three NTLM-related vulnerabilities (PetitPotam, PrinterBug/SpoolSample, and DFSCoerce)

0patch Micropatches

0patch is offering a free micropatch for the latest NTLM zero-day to all users registered on its platform until Microsoft releases an official fix. The security micropatch has already been automatically deployed to PRO and Enterprise accounts, except in cases where configurations explicitly block automatic updates.

“The impact on enterprises using outdated and legacy infrastructure is more significant than the simple impact on operating costs, said Jim Routh,” Chief Trust Officer at cybersecurity company Saviynt. “In this case, the obsolete authentication application (NTLM) from MS enables threat actors to steal Windows credentials potentially compromising customer experience.”

Focusing on the proactive approach

Automated patch management, like the protection provided to PRO and Enterprise accounts through 0patch, is a great start, but organizations need to do more. Implementing strong server-hardening strategies can add multiple layers of defence by setting consistent security configurations across all systems.

This proactive approach goes beyond simply reacting to vulnerabilities, helping businesses stay protected against threats like the recent NTLM zero-day vulnerability.

Source

Leave a Comment

Your email address will not be published. Required fields are marked *

loader-image
London, GB
11:20 am, Jul 11, 2025
weather icon 28°C
L: 26° | H: 30°
few clouds
Humidity: 44 %
Pressure: 1021 mb
Wind: 3 mph SSE
Wind Gust: 9 mph
UV Index: 0
Precipitation: 0 mm
Clouds: 13%
Rain Chance: 0%
Visibility: 10 km
Sunrise: 4:56 am
Sunset: 9:15 pm
DailyHourly
Daily ForecastHourly Forecast
Today 10:00 pm
weather icon
26° | 30°°C 0 mm 0% 8 mph 47 % 1021 mb 0 mm/h
Tomorrow 10:00 pm
weather icon
18° | 30°°C 0 mm 0% 9 mph 65 % 1018 mb 0 mm/h
Sun Jul 13 10:00 pm
weather icon
17° | 27°°C 0 mm 0% 7 mph 73 % 1014 mb 0 mm/h
Mon Jul 14 10:00 pm
weather icon
20° | 29°°C 0 mm 0% 14 mph 71 % 1017 mb 0 mm/h
Tue Jul 15 10:00 pm
weather icon
15° | 27°°C 0 mm 0% 13 mph 71 % 1021 mb 0 mm/h
Today 1:00 pm
weather icon
29° | 29°°C 0 mm 0% 3 mph 41 % 1021 mb 0 mm/h
Today 4:00 pm
weather icon
30° | 31°°C 0 mm 0% 5 mph 34 % 1019 mb 0 mm/h
Today 7:00 pm
weather icon
28° | 28°°C 0 mm 0% 5 mph 28 % 1017 mb 0 mm/h
Today 10:00 pm
weather icon
22° | 22°°C 0 mm 0% 8 mph 47 % 1019 mb 0 mm/h
Tomorrow 1:00 am
weather icon
18° | 18°°C 0 mm 0% 4 mph 55 % 1018 mb 0 mm/h
Tomorrow 4:00 am
weather icon
19° | 19°°C 0 mm 0% 4 mph 65 % 1018 mb 0 mm/h
Tomorrow 7:00 am
weather icon
19° | 19°°C 0 mm 0% 6 mph 64 % 1018 mb 0 mm/h
Tomorrow 10:00 am
weather icon
24° | 24°°C 0 mm 0% 6 mph 45 % 1017 mb 0 mm/h
Name Price24H (%)
Bitcoin(BTC)
€101,139.88
6.59%
Ethereum(ETH)
€2,571.95
8.45%
Tether(USDT)
€0.85
0.01%
XRP(XRP)
€2.24
7.60%
Solana(SOL)
€140.51
4.38%
USDC(USDC)
€0.85
0.01%
Dogecoin(DOGE)
€0.170312
10.25%
Shiba Inu(SHIB)
€0.000011
7.93%
Pepe(PEPE)
€0.000011
15.70%
Peanut the Squirrel(PNUT)
€0.246894
20.17%
Scroll to Top