![]() Once stolen, the NTLM password hash can be used for authentication purposes. Windows New technology LAN Manager (NTLM) is a suite of security protocols that use hashed login credentials for authentication in Windows domains. It’s a privilege escalation vulnerability with a 9.8 CVSS score affecting all supported versions of Outlook for Windows.Įssentially, the vulnerability lets remote attackers send a specially crafted email to a vulnerable system to access the victim’s NTLM password hash. ![]() The zero-day flaw ( CVE-2023-23397) was first reported discovered by Ukraine’s Computer Emergency Response Team (CERT-UA). The company confirmed that a Russian hacking group exploited the NTLM vulnerability to target several European and military organizations in 2022. Microsoft has released patches to address a critical security flaw in Outlook for Windows.
0 Comments
Leave a Reply. |