Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft
Cybersecurity researchers have disclosed a security flaw in the Windows MSHTML platform that Microsoft has now patched. The vulnerability, tracked as CVE-2023-29324, is a security feature bypass that affects all Windows versions. An unauthenticated attacker on the internet could exploit it to coerce an Outlook client into connecting to an attacker-controlled server, resulting in NTLM credential theft. It is a zero-click vulnerability, meaning it can be triggered with no user interaction. The issue stems from the complex handling of paths in Windows, which allows a threat actor to craft a malicious URL that sidesteps internet security zone checks. Microsoft recommends that users install Internet Explorer Cumulative updates to address vulnerabilities in the MSHTML platform and scripting engine.

CVEs: CVE-2023-29324, CVE-2023-23397

[View Article](https://thehackernews.com/2023/05/experts-detail-new-zero-click-windows.html)