all InfoSec news
Free Micropatches For Microsoft Access Forced Authentication Through Firewall (0day)
Malware Analysis, News and Indicators - Latest topics malware.news
On November 9, 2023, Check Point Research published an article about an "information disclosure" / "forced authentication" vulnerability in Microsoft Access that allows an attacker to obtain the victim's NTLM hash by having them open a Microsoft Office document (docx, rtf, accdb, etc.) with an embedded Access database.
Many similar vulnerabilities have been disclosed in the last few years, all having a common theme of forcing a Windows process to authenticate to attacker's server and thereby disclose credentials of Windows …
0day access article attacker authentication check check point database disclosure document docx embedded etc firewall free hash information information disclosure microsoft microsoft office november ntlm office point research rtf victim vulnerability