CVE-2024-21320: Windows Themes Spoofing Vulnerability
Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigations might apply in your situation:
Systems that have disabled NTLM are not affected.
Apply the existing group policy to block NTLM hash. With this policy enabled, this issue for a remote SMB location client or server can be mitigated. To enable the policy: Select Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options. On the right pane, double-click the Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers policy per the options listed below in the Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers documentation.
References:
- For customers running Windows Server 2008 or 2008 R2: Introducing the Restriction of NTLM Authentication
- For customers running Windows 7 or 2008 R2: NTLM Blocking and You
- For customers running Windows 10 or 11: Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers; Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication
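
To confirm that the Restrict NTLM policy described above is actually in effect on a host, the following PowerShell check reads the setting and any configured server exceptions. It is an added example, not part of the advisory; the registry value names (`RestrictSendingNTLMTraffic`, `ClientAllowedNTLMServers`), the 0/1/2 mapping, and event ID 8001 are taken from general Windows behaviour rather than from this page, and the function name is hypothetical.

```powershell
# Added example: report the effective state of
# "Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers".
$lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'

# Value written by the policy (assumption from Windows behaviour, not from the advisory).
$modes = @{ 0 = 'Allow all'; 1 = 'Audit all'; 2 = 'Deny all' }

function Get-OutgoingNtlmRestriction {   # hypothetical helper name
    $props = Get-ItemProperty -Path $lsaKey -ErrorAction SilentlyContinue
    $raw   = $props.RestrictSendingNTLMTraffic
    # An absent value means the policy is not configured, which behaves as "Allow all".
    $value = if ($null -eq $raw) { 0 } else { [int]$raw }
    [pscustomobject]@{
        Configured = ($null -ne $raw)
        Mode       = if ($modes.ContainsKey($value)) { $modes[$value] } else { "Unknown ($value)" }
        Mitigated  = ($value -eq 2)
        # Servers listed under "Add remote server exceptions for NTLM authentication".
        Exceptions = @($props.ClientAllowedNTLMServers | Where-Object { $_ })
    }
}

$state = Get-OutgoingNtlmRestriction
$state | Format-List

if ($state.Mitigated -and $state.Exceptions.Count -gt 0) {
    # Outgoing NTLM is still sent to excepted servers, so review each entry.
    Write-Warning "Deny all is set, but NTLM is still allowed to: $($state.Exceptions -join ', ')"
}
elseif (-not $state.Mitigated) {
    Write-Warning "Outgoing NTLM is not blocked (mode: $($state.Mode))."
}

if ($state.Mode -eq 'Audit all') {
    # In audit mode, event 8001 records outgoing NTLM that "Deny all" would block.
    # Reviewing these targets shows which exceptions are needed before enforcing.
    Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-NTLM/Operational'; Id = 8001
    } -MaxEvents 20 -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Message
}
```

Run it from an elevated prompt on the endpoint after Group Policy has refreshed; a `Mitigated` value of `False` means the host can still send NTLM to a remote SMB location.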