
BleepingComputer reports that ACROS Security has released unofficial patches for a new zero-day Windows SCF file NTLM hash disclosure flaw, which could be exploited to compromise NTLM credentials.

All Windows and Windows Server versions since Windows 7 and Server 2008 R2 are affected by the vulnerability, which ACROS Security researchers said they identified while developing fixes for a separate NTLM hash disclosure bug. "Note that while these types of vulnerabilities are not critical and their exploitability depends on several factors (e.g., the attacker either already being in the victim's network or having an external target like a public-facing Exchange server to relay the stolen credentials to), they have been found to be used in actual attacks," noted ACROS Security CEO Mitja Kolsek, who said the free patches will remain available until Microsoft addresses the issue. Microsoft has acknowledged the findings and said it is evaluating a potential fix for the bug.