MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
ntlm
Search

CISA adds Windows NTLM hash disclosure spoofing flaw to its Known Exploited Vulnerabilities Catalog

Friday April 18, 2025. 09:52 AM , from BetaNews
A vulnerability in the Windows NTLM authentication protocol, which is known to have been actively exploited for at least a month, has been added to the US CISA’s Known Exploited Vulnerabilities Catalog. While Microsoft deprecated NTLM last year, it remains widely used. Security researchers discovered the hash disclosure spoofing bug, and Microsoft quietly patched it in March. But the creation of a patch is one thing -- having users install it is something else. By adding the vulnerability, tracked as CVE-2025-24054, to its catalog, CISA is raising aware that action needs to be taken. See also: In adding the NTLM… [Continue Reading]
Read more at BetaNews
https://betanews.com/2025/04/18/cisa-adds-windows-ntlm-hash-disclosure-spoofing-flaw-to-its-known-ex...

Related News

ntlm Oracle hopes talk of cloud data theft dies off. CISA just resurrected it for Easter TheRegisterApr 18
exploited Best Windows apps this week BetaNewsApr 18
cisa exwm: Emacs X Windows Manager OS NewsApr 17
known Most enterprise hybrid Active Directory environments have critical vulnerabilities BetaNewsApr 17
catalog Microsoft admits classic Outlook for Windows has a massive resource usage problem BetaNewsApr 17
windows It must be a day with a 'y' in it -- there's a problematic Windows 11 update causing blue screens BetaNewsApr 17
spoofing Users receive unprovoked Windows 11 offers after Intune code glitch ComputerWorldApr 17
hash Free Blue Screens of Death for Windows 11 24H2 users TheRegisterApr 16
vulnerabilities ‘Stupid and Dangerous’: CISA Funding Chaos Threatens Essential Cybersecurity Program Wired: Tech.Apr 16
disclosure CISA extends funding to ensure ‘no lapse in critical CVE services’ OS NewsApr 16
its Microsoft blames 'latent code issue' after Windows 11 upgrades sneak past admin blockades TheRegisterApr 16
flaw CVE program gets last-minute funding from CISA – and maybe a new home TheRegisterApr 16
microsoft CISA extends funding to the CVE program (BleepingComputer) LWN.netApr 16
vulnerability CISA Extends Funding To Ensure 'No Lapse in Critical CVE Services' SlashdotApr 16
adding Microsoft brings a new text extraction tool to Windows 11 BetaNewsApr 16
ntlm I made a better way to scroll in Windows. Here’s the script. ComputerWorldApr 16
exploited Ditch Windows 11 and switch to Fedora Linux 42 BetaNewsApr 15
cisa Stylish Windows 11 replacement Nitrux is about to solve a big app headache for users BetaNewsApr 15
known Microsoft vulnerabilities hit a record high in 2024 BetaNewsApr 15
catalog There’s AI Inside Windows Paint and Notepad Now. Here’s How to Use It Wired: Tech.Apr 15
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Current Date
Apr, Sat 19 - 13:46 CEST