Varonis, a data security firm, has disclosed a new vulnerability and three attack methods for obtaining NTLM v2 hashes via Microsoft Outlook and two Windows programs.
Under CVE-2023-35636, the new vulnerability is being monitored. Microsoft has rated its severity as “important,” and their December 2023 Patch Tuesday updates addressed it. According to Varonis, the remaining problems have been rated “moderate” severity and are not yet patched. A protocol called NTLM v2 is used to authenticate users to distant servers.
Threat actors may find value in an NTLM v2 hash of a user’s password because they can use it for direct authentication or use it as the basis for a brute-force attack to obtain the password in plaintext.
Read More: New NTLM Hash Leak Attacks Target Outlook, Windows Programs
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
