all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

A zero-click vulnerability in Windows allows stealing NTLM credentials

Add to bookmarks
May 11, 2023, 7:23 a.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

Researchers shared technical details about a flaw in Windows MSHTML platform, tracked as CVE-2023-29324, that could be abused to bypass security protections. Cybersecurity researchers have shared details about a now-patched security flaw, tracked as CVE-2023-29324 (CVSS score: 6.5), in Windows MSHTML platform. An attacker can exploit the vulnerability by crafting a malicious URL that would evade zone checks. “An attacker can […]


The post A zero-click vulnerability in Windows allows stealing NTLM credentials appeared first on Security Affairs.

breaking news bypass click credentials cve cvss cybersecurity exploit flaw hacking information security news it information security mshtml ntlm pierluigi paganini platform researchers score security security protections stealing technical vulnerability windows windows mshtml zero-click

Visit resource

More from securityaffairs.co / Security Affairs

Blackbasta gang claimed responsibility for Synlab Italia attack 2 hours ago | securityaffairs.co
april attack blackbasta breaking news +23
LockBit published data stolen from Simone Veil hospital in Cannes 21 hours ago | securityaffairs.co
april attack breaking news cyber +25
Russia-linked APT28 and crooks are still using the Moobot botnet 23 hours ago | securityaffairs.co
apt apt28 botnet breaking news +32
Dirty stream attack poses billions of Android installs at risk 1 day, 4 hours ago | securityaffairs.co
android android users applications apps +21
ZLoader Malware adds Zeus’s anti-analysis feature 1 day, 6 hours ago | securityaffairs.co
algorithm analysis anti-analysis authors +23
Ukrainian REvil gang member sentenced to 13 years in prison 1 day, 20 hours ago | securityaffairs.co
breaking news cyber crime cybercrime digital id +17
Pro-Russia hackers target critical infrastructure in North America and Europe 1 day, 22 hours ago | securityaffairs.co
agency america breaking news bureau +49
HPE Aruba Networking addressed four critical ArubaOS RCE flaws 2 days ago | securityaffairs.co
april aruba arubaos breaking news +26
Threat actors hacked the Dropbox Sign production environment 2 days, 4 hours ago | securityaffairs.co
access addresses authentication breached +24

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

IT Security Manager

@ Timocom GmbH | Erkrath, Germany
View on infosec-jobs.com

Cybersecurity Service Engineer

@ Motorola Solutions | Singapore, Singapore
View on infosec-jobs.com

Sr Cybersecurity Vulnerability Specialist

@ Health Care Service Corporation | Chicago Illinois HQ (300 E. Randolph Street)
View on infosec-jobs.com

Associate, Info Security (SOC) analyst

@ Evolent | Pune
View on infosec-jobs.com

Public Cloud Development Security and Operations (DevSecOps) Manager

@ Danske Bank | Copenhagen K, Denmark
View on infosec-jobs.com

Cybersecurity Risk Analyst IV

@ Computer Task Group, Inc | United States
View on infosec-jobs.com
View more jobs