All Windows Workstation and Server versions from 7 to the latest 11 v24H2 and Server 2022 are affected by a zero-day vulnerability. (fedia.io)

submitted 5 months ago by cybernews@infosec.exchange to c/cybersecurity@fedia.io

4 comments fedilink hide all child comments

All Windows Workstation and Server versions from 7 to the latest 11 v24H2 and Server 2022 are affected by a zero-day vulnerability.

#cybersecurity #Windows #vulnerability #CyberAttack #infosec

https://cnews.link/windows-zero-day-attackers-can-steal-ntlm-credentials-1/

top 4 comments

sorted by: hot top controversial new old

[-] I_Miss_Daniel@lemmy.world 4 points 5 months ago

I wonder if 0patch will become trusted enough for people to hang on to their Windows 10 machines into the future.

[-] BearOfaTime@lemm.ee 4 points 5 months ago

That's a big hill to climb.

Enterprise will always upgrade as usual. Besides, those are all domain based systems if my memory is right, NTLM is only used for local accounts.

Even SMB runs a domain - it's just easier to manage access control.

This issue just pushes me to setup a domain for home use.

[-] Ptsf@lemmy.world 2 points 5 months ago

NTLM is enabled in some domain based environments. I have to enable it for several service accounts used for connecting legacy appliances. If it "works" Goodluck getting the business to upgrade.

[-] HaleHirsute@infosec.pub 2 points 5 months ago

Seems a bad one.

this post was submitted on 06 Dec 2024

50 points (100.0% liked)

Cybersecurity

2 readers

26 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

founded 2 years ago

MODERATORS

shellsharks@fedia.io

tweedge@fedia.io