Cybersecurity

1 readers

34 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Rules

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

founded 2 years ago

MODERATORS

[email protected]

All Windows Workstation and Server versions from 7 to the latest 11 v24H2 and Server 2022 are affected by a zero-day vulnerability. (fedia.io)

submitted 2 weeks ago by [email protected] to c/[email protected]

4 comments fedilink hide all child comments

All Windows Workstation and Server versions from 7 to the latest 11 v24H2 and Server 2022 are affected by a zero-day vulnerability.

#cybersecurity #Windows #vulnerability #CyberAttack #infosec

https://cnews.link/windows-zero-day-attackers-can-steal-ntlm-credentials-1/

top 4 comments

sorted by: hot top controversial new old

[–] [email protected] 4 points 2 weeks ago (1 children)

I wonder if 0patch will become trusted enough for people to hang on to their Windows 10 machines into the future.

[–] [email protected] 4 points 2 weeks ago (1 children)

That's a big hill to climb.

Enterprise will always upgrade as usual. Besides, those are all domain based systems if my memory is right, NTLM is only used for local accounts.

Even SMB runs a domain - it's just easier to manage access control.

This issue just pushes me to setup a domain for home use.

[–] [email protected] 2 points 2 weeks ago

NTLM is enabled in some domain based environments. I have to enable it for several service accounts used for connecting legacy appliances. If it "works" Goodluck getting the business to upgrade.

[–] [email protected] 2 points 2 weeks ago

Seems a bad one.