Windows Themes zero-day could have exposed users to credential theft and more

A similar vulnerability had been patched before, but it still persists

TechRadar

News By Sead Fadilpašić published 31 October 2024


Security experts have recently uncovered a Windows Themes spoofing zero-day vulnerability that allows threat actors to steal NTLM credentials.

Earlier in 2024, Microsoft discovered and patched CVE-2024-21320, a similar vulnerability with a severity score of 6.5 (medium). That patch did not address the issue entirely and could be bypassed, which led to the discovery of CVE-2024-38030; Microsoft released a fix for that one in July 2024.

Now, security researchers from Acros Security revealed how, as they were tinkering with the patch for CVE-2024-21320, they found “an additional instance of the very same problem that was still present on all fully updated Windows versions, up to currently the latest Windows 11 24H2.”

Micropatch available

NTLM (NT LAN Manager) is a suite of security protocols used for authentication, integrity, and confidentiality in Windows networks. It’s an older protocol, primarily replaced by Kerberos in modern systems, but it is still supported for backward compatibility.

The Register reached out to Microsoft regarding this discovery, and was told the OS maker was looking into it: "We're aware of this report and will take action as needed to help keep customers protected," a Microsoft spokesperson told the publication.

In the meantime, 0patch has developed a micropatch that fixes the issue, so those who are worried about the bug and don't want to wait for Microsoft can install it now.

"Exploitation of this zero-day is identical to the previous ones previously reported by Akamai," Acros said.
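For administrators who would rather not rely on a third-party micropatch, the interim controls Microsoft recommends for NTLM-leak bugs of this kind are to restrict outgoing NTLM to remote servers and to block outbound SMB at the host firewall. The PowerShell audit below is an added example written for this article, not code from Acros Security, 0patch or Microsoft. It reads the documented `RestrictSendingNTLMTraffic` policy value, checks for an enabled outbound firewall rule that blocks TCP 445, and, on the assumption that this variant behaves like the earlier Akamai-reported ones (a theme file property naming a remote resource), lists any local `.theme` files whose entries point at a UNC or URL path. The folder list and the regular expression are the example's own choices.

```powershell
# Added example: audit a Windows host for NTLM-leak mitigations. Not the article's or vendors' code.
# Assumes Microsoft's documented registry value and NetSecurity cmdlets; the theme scan assumes
# the leak trigger is a theme entry that references a remote path (as in the Akamai-reported variants).

function Get-OutgoingNtlmPolicy {
    # "Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers"
    # 0 / missing = Allow all, 1 = Audit all, 2 = Deny all
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
    $val = (Get-ItemProperty -Path $key -Name RestrictSendingNTLMTraffic -ErrorAction SilentlyContinue).RestrictSendingNTLMTraffic
    switch ($val) {
        2       { return 'Deny all (outgoing NTLM to remote servers is blocked)' }
        1       { return 'Audit all (attempts are logged but not blocked)' }
        default { return 'Allow all (policy not configured)' }
    }
}

function Test-OutboundSmbBlocked {
    # True if at least one enabled outbound rule blocks TCP 445 (or all TCP ports).
    $rules = Get-NetFirewallRule -Direction Outbound -Action Block -Enabled True -ErrorAction SilentlyContinue
    foreach ($r in $rules) {
        $pf = $r | Get-NetFirewallPortFilter
        if ($pf.Protocol -eq 'TCP' -and (($pf.RemotePort -contains '445') -or ($pf.RemotePort -eq 'Any'))) {
            return $true
        }
    }
    return $false
}

function Find-RemoteThemeReferences {
    # Flags theme entries such as "Wallpaper=\\host\share\x.jpg" or "...=http://host/x".
    # Folder list is an assumption: per-user themes plus the built-in theme directory.
    param(
        [string[]]$Roots = @("$env:LOCALAPPDATA\Microsoft\Windows\Themes", "$env:WINDIR\Resources\Themes")
    )
    $pattern = '^\s*[^;=\[]+\s*=\s*(\\\\[^\\]|https?://)'
    foreach ($root in $Roots) {
        if (-not (Test-Path -Path $root)) { continue }
        Get-ChildItem -Path $root -Recurse -Filter *.theme -File -ErrorAction SilentlyContinue |
            ForEach-Object { Select-String -Path $_.FullName -Pattern $pattern } |
            ForEach-Object {
                [pscustomobject]@{ File = $_.Path; Line = $_.LineNumber; Entry = $_.Line.Trim() }
            }
    }
}

# Usage: run in an elevated PowerShell session.
"Outgoing NTLM policy : $(Get-OutgoingNtlmPolicy)"
"Outbound SMB blocked : $(Test-OutboundSmbBlocked)"
$hits = @(Find-RemoteThemeReferences)
"Theme entries pointing at remote paths: $($hits.Count)"
$hits | Format-Table -AutoSize
```

A result of "Allow all" together with "Outbound SMB blocked : False" means a forced NTLM authentication to an external host would succeed at the network layer; setting the policy to Deny all (or Audit all first, to find legitimate NTLM dependencies) and blocking TCP 445 to non-corporate addresses closes that path regardless of which application triggers it. Any theme entry the scan reports should be reviewed before the theme is applied.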
