Patching problems: The “return” of a Windows Themes spoofing vulnerability

Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes file still affects Microsoft’s operating system, 0patch researchers have discovered. The path to discovery The story starts with CVE-2024-21320, a Windows Themes spoofing vulnerability that was reported by Akamai security researcher Tomer Peled and fixed by Microsoft in January 2024.

Source: Help Net Security

 


Date:

Categorie(s):