Windows NTLM Zero-Day Exposes Credentials Without User Interaction
A newly discovered vulnerability affects all Windows versions from 7 to 11, with no official fix yet available from Microsoft.
- Security researchers at 0patch revealed a zero-day vulnerability in Windows that leaks NTLM credential hashes when users merely view a malicious file in File Explorer.
- The flaw impacts all supported and unsupported Windows versions, from Windows 7 and Server 2008 R2 to Windows 11 24H2 and Server 2022.
- Microsoft has yet to release an official patch, while 0patch is offering a free micropatch to mitigate the issue until an official fix is available.
- The vulnerability allows attackers to steal NTLM hashes, which can be used to authenticate as the victim or cracked to reveal plaintext passwords.
- Users can also mitigate the risk by disabling NTLM authentication via Group Policy or registry modifications as a temporary safeguard.
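
The registry route from the last bullet can be staged rather than applied blind. The PowerShell below is an added example, not code from 0patch or Microsoft, and it assumes the mitigation is applied through the `RestrictSendingNTLMTraffic` value behind the "Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers" policy; the function names are hypothetical. It reads the current setting, switches to audit mode, and lists what a deny setting would have blocked.

```powershell
#Requires -RunAsAdministrator
# Added example: stage an outgoing-NTLM restriction (audit first, deny later).
$LsaKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
$Name    = 'RestrictSendingNTLMTraffic'   # 0 = allow all, 1 = audit all, 2 = deny all
$Meaning = @{ 0 = 'Allow all'; 1 = 'Audit all'; 2 = 'Deny all' }

function Get-OutboundNtlmPolicy {
    # A missing value means the policy is not configured, which behaves as "allow all".
    $v = (Get-ItemProperty -Path $LsaKey -Name $Name -ErrorAction SilentlyContinue).$Name
    if ($null -eq $v) { $v = 0 }
    [pscustomobject]@{ Value = [int]$v; Meaning = $Meaning[[int]$v] }
}

function Set-OutboundNtlmPolicy {
    param([Parameter(Mandatory)][ValidateSet(0, 1, 2)][int]$Value)
    New-ItemProperty -Path $LsaKey -Name $Name -PropertyType DWord `
        -Value $Value -Force | Out-Null
    Get-OutboundNtlmPolicy   # echo the resulting state
}

function Get-OutboundNtlmAudit {
    # Event 8001 is written in audit mode for each outgoing NTLM attempt
    # that the deny setting would have blocked.
    param([int]$MaxEvents = 200)
    Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-NTLM/Operational'; Id = 8001
    } -MaxEvents $MaxEvents -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Message
}

Get-OutboundNtlmPolicy              # 1. record the starting state
Set-OutboundNtlmPolicy -Value 1     # 2. audit only, nothing is blocked yet
Get-OutboundNtlmAudit               # 3. review after a representative period
# 4. once the audit list holds only expected or acceptable targets:
# Set-OutboundNtlmPolicy -Value 2
```

A domain Group Policy that sets the same policy overwrites this local value at the next refresh, so on domain-joined machines make the change in the GPO instead.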