Free unofficial patches are now available for a new Windows Themes zero-day vulnerability that allows attackers to steal a target's NTLM credentials remotely.
NTLM has been extensively exploited in NTLM relay attacks, where threat actors force vulnerable network devices to authenticate against servers under their control, and pass-the-hash attacks, where they exploit system vulnerabilities or deploy malicious software to acquire NTLM hashes (which are hashed passwords) from targeted systems.
https://www.bleepingcomputer.com/news/s ... l-patches/