New Windows Zero-Day Vulnerability Let Attackers Steal Credentials From Victim's Machine - #CVE-2024-38030
Two critical vulnerabilities related to Microsoft Themes have been disclosed and analyzed. The first, CVE-2024-21320, was identified by Akamai's Tomer Peled and allows authentication coercion attacks via malicious UNC paths within theme files, leading to credential theft. Microsoft patched the issue, but a bypass of that patch was discovered and assigned a new identifier, CVE-2024-38030. Microsoft's "Hacking for Variations" process aims to proactively find similar vulnerabilities, but 0patch uncovered a new zero-day in Windows 11 24H2, showing that the risk continues. Recommendations for organizations include applying patches, implementing NTLM controls, and educating users on the dangers of suspicious files.
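A defender-side check for the pattern described above, added here as an example (it is not code from the article, Microsoft, Akamai or 0patch): it parses a theme file's INI text and reports every value that points at a remote host through a UNC or file:// path, whatever key it sits under. The key names, hosts and the function name `find_remote_paths` are constructed for illustration.

```python
import re

# Constructed sample .theme content (INI format). Key names and hosts are
# illustrative assumptions, not values taken from the article.
SAMPLE_THEME = r"""
[Theme]
DisplayName=Example
ImageA=\\files.example.test\share\logo.png

[Section Two]
ImageB=%SystemRoot%\web\wallpaper\Windows\img0.jpg
ImageC=file://files.example.test/share/bg.jpg
ImageD=\\?\UNC\192.0.2.10\share\bg.jpg
ImageE=\\?\C:\Windows\web\local.jpg
; ImageF=\\commented.example.test\share\x.png
"""

# Remote-path forms a value can take; local device paths (\\?\C:\...) are excluded.
_REMOTE = re.compile(
    r"""^(?:
        [\\/]{2}[?.][\\/]UNC[\\/](?P<dev>[^\\/]+)   # device-namespace UNC form
      | [\\/]{2}(?P<unc>[^\\/?.][^\\/]*)[\\/]       # plain UNC, either slash style
      | file:[\\/]{2}(?P<url>[^\\/]+)[\\/]          # file URL with a host part
    )""",
    re.IGNORECASE | re.VERBOSE,
)

def find_remote_paths(theme_text):
    """Return (section, key, host) for every value that names a remote host."""
    findings, section = [], None
    for raw in theme_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # skip blanks and INI comments
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        key, sep, value = line.partition("=")
        m = _REMOTE.match(value.strip().strip('"')) if sep else None
        if m:
            host = m.group("dev") or m.group("unc") or m.group("url")
            findings.append((section, key.strip(), host.lower()))
    return findings

if __name__ == "__main__":
    for finding in find_remote_paths(SAMPLE_THEME):
        print(finding)
```

Run over theme files arriving by mail or download, a non-empty result is a reason to quarantine the file before a user previews it.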