Researchers at Acros Security have confirmed a serious zero-day vulnerability affecting all versions of Windows from 7 through 11, as well as Windows Server 2008 R2 onwards. The vulnerability, which has been reported to Microsoft but currently has no official patch, allows attackers to steal users’ NTLM credentials. It is triggered when a user views a malicious file in Windows Explorer, potentially leading to data breaches.
According to Mitja Kolsek, the founder of Acros Security and operator of the 0patch platform, the vulnerability can be exploited simply by opening a shared folder or USB drive containing the malicious file. Even viewing the Downloads folder, where the file might have been automatically downloaded from an attacker’s webpage, can trigger the exploit.
To mitigate the risk until Microsoft releases an official fix, users can install a free "micropatch" provided by the 0patch platform. The micropatch is available even for versions of Windows that are no longer officially supported. Users are encouraged to take these precautionary steps while awaiting further developments from Microsoft regarding the security issue.
For additional context, this vulnerability comes amid related warnings to smartphone users and other cybersecurity threats, underscoring the growing complexity of maintaining security across platforms and devices.
For more details, visit 0patch’s website on this topic.