In an advisory issued Monday, August 12, CERT-In said malicious actors can exploit the vulnerability to compromise the affected system.
According to CERT-In, this vulnerability arises from a weakness that allows unauthorized persons to access protected information. An attacker could exploit this issue by hosting a malicious website containing a specially crafted file to spoof (or mimic, technically speaking) a user’s computer.
However, the attacker cannot force users to visit the site; they must persuade them to open the file using social engineering tactics.
Successful exploitation of this vulnerability could expose NTLM hashes to a remote attacker, potentially leading to full compromise of the vulnerable system, CERT-In said.
NTLM (NT LAN Manager) is a Microsoft authentication protocol used to verify the identity of users and computers on a network.
CERT-In, in its advisory, said a workaround may mitigate the vulnerability.
The workarounds:
- Block outgoing NTLM traffic to remote servers.
- Block all outgoing traffic to TCP port 445 (a network port commonly used for file sharing and other services in Windows).
- Add users to the Protected Users security group, which restricts the use of NTLM as an authentication mechanism.
The best way to stay safe from this risk is to apply updates, as mentioned in a Microsoft advisory, said CERT-In.
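To check whether the three workarounds listed above are in place on a Windows host, the following PowerShell audit can be used. It is an added example, not part of the CERT-In or Microsoft advisory; the account name `alice` is a constructed placeholder, and the group check assumes the RSAT ActiveDirectory module and a reachable domain.

```powershell
# Added example: read-only audit of the three workarounds on the local host.
# $User is a hypothetical account name supplied by the operator.
param([string]$User = 'alice')

$results = [ordered]@{}

# 1. Outgoing NTLM to remote servers. Backing value of the policy
#    "Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers"
#    (0 = allow all, 1 = audit all, 2 = deny all).
$lsa = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
$val = (Get-ItemProperty -Path $lsa -Name RestrictSendingNTLMTraffic `
            -ErrorAction SilentlyContinue).RestrictSendingNTLMTraffic
$results['Outgoing NTLM denied'] = ($val -eq 2)

# 2. Outbound TCP 445. Looks for an enabled outbound Block rule that names
#    remote port 445 exactly; ActiveStore includes rules delivered by Group Policy.
#    Port ranges, scoped rules and perimeter firewalls are not evaluated here.
$block445 = Get-NetFirewallRule -PolicyStore ActiveStore -Direction Outbound `
                -Action Block -Enabled True -ErrorAction SilentlyContinue |
    Where-Object {
        $f = $_ | Get-NetFirewallPortFilter
        $f.Protocol -eq 'TCP' -and $f.RemotePort -contains '445'
    }
$results['Outbound TCP 445 blocked'] = [bool]$block445

# 3. Membership of the Protected Users group (domain accounts only).
try {
    Import-Module ActiveDirectory -ErrorAction Stop
    $members = Get-ADGroupMember -Identity 'Protected Users' -Recursive -ErrorAction Stop
    $results["$User in Protected Users"] =
        [bool]($members | Where-Object SamAccountName -eq $User)
} catch {
    $results["$User in Protected Users"] = 'unknown (AD module or domain unavailable)'
}

$results.GetEnumerator() | ForEach-Object { '{0,-32} {1}' -f $_.Key, $_.Value }

# To apply instead of audit (pilot first: denying NTLM or SMB egress can break
# legacy file shares and applications that still depend on NTLM):
# Set-ItemProperty -Path $lsa -Name RestrictSendingNTLMTraffic -Value 2 -Type DWord
# New-NetFirewallRule -DisplayName 'Block outbound SMB' -Direction Outbound `
#     -Protocol TCP -RemotePort 445 -Action Block
# Add-ADGroupMember -Identity 'Protected Users' -Members $User
```

Setting `RestrictSendingNTLMTraffic` to 1 (audit) before moving to 2 shows which servers still receive NTLM from the host, so exceptions can be planned before enforcement.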