New Windows Themes Vulnerability Exposes NTLM Credentials

Red | Vulnerability Report
Download PDF

A new vulnerability in Windows Themes lets attackers steal NTLM credentials by using malicious theme files that require minimal user interaction. It affects fully updated Windows systems from Windows 7 to Windows 11 24H2, making credential theft possible simply by opening the file in Explorer. No official patch is available yet, so users are recommended to implement mitigation measures, such as blocking NTLM hashes via group policy settings.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox