Zero-day Windows NTLM hash vulnerability gets patched by third-party — credentials can be hijacked by merely viewing a malicious file in File Explorer

Back in June 2023, Microsoft officially announced that it had deprecated its New Technology LAN Manager (NTLM) authentication protocol, which debuted in 1993 with Windows NT 3.1, and advised users to move to Windows Negotiate. Unfortunately, NTLM vulnerabilities continue to be exploited on machines ranging from Windows 7/Server 2008 R2 to Windows 11 version 24H2 and Server 2022, and 0patch recently discovered a new NTLM vulnerability that allows credential hijacking merely by viewing a folder containing a malicious file in File Explorer, without the file ever being opened.

While newer versions of Windows such as Windows 11 will likely receive an official patch for this vulnerability in the coming weeks or months, older versions such as Windows 7 are in particular danger. Windows 10 should still receive a patch, but its support ends in October of next year and extending it past that point requires a paid support plan, so the risk that issues like this remain unpatched on the final release only increases.

Additionally, the actual patch (a "micropatch") only addresses a single vulnerable NTLM instruction, so in theory installing it should be fairly harmless. It is still an unofficial security patch, however, so whether to install it is a matter for your own discretion. Hopefully Microsoft addresses this and other NTLM vulnerabilities in official updates sooner rather than later, because network credentials being stolen just by viewing an affected folder in File Explorer is a scary possibility.

Christopher Harper
Contributing Writer

Christopher Harper has been a successful freelance tech writer specializing in PC hardware and gaming since 2015, and ghostwrote for various B2B clients in High School before that. Outside of work, Christopher is best known to friends and rivals as an active competitive player in various eSports (particularly fighting games and arena shooters) and a purveyor of music ranging from Jimi Hendrix to Killer Mike to the Sonic Adventure 2 soundtrack.