
A new security vulnerability in Windows has been discovered that puts users at risk of password-hash theft. The zero-day flaw affects all major Windows versions, from Windows 7 up to Windows 11 v24H2 and Windows Server 2025. More concerning still, Microsoft has yet to release an official patch, leaving users exposed to attack in the meantime.
Windows Password Hash Flaw: What’s the Risk?
The vulnerability was uncovered by security researcher Mitja Kolsek of ACROS Security, who privately reported it to Microsoft. While the full technical details remain undisclosed, Kolsek revealed that the flaw causes Windows to leak the user's NTLM (NT LAN Manager) credentials to an attacker-controlled server when the user merely previews a malicious file in Windows Explorer. The file does not have to be opened: viewing the folder that contains it in Explorer is enough for Windows to authenticate to the attacker's server and hand over the user's NTLM challenge-response hash.
NTLM is still widely used for authentication in Windows networks, which makes this flaw particularly dangerous. An attacker who captures the NTLM authentication can relay it to other services that accept NTLM (relay attacks) or attempt to crack the hash offline to recover the password, in either case gaining unauthorized access to the network. Kolsek has stated that although the flaw is not rated "critical," it is the kind of bug attackers exploit in real-world intrusions.
No Official Microsoft Patch Yet
While Microsoft has acknowledged the issue, there is no official patch available at the moment. A Microsoft spokesperson confirmed they are aware of the problem and will take action as necessary to protect users. However, users may remain vulnerable until the next scheduled security update, which could take weeks.
To address the immediate risk, Kolsek's company, ACROS Security, has created a temporary fix. This micropatch, distributed through ACROS Security's 0patch platform, is applied in memory to the running process, so it requires neither a full system update nor a reboot. The fix is free to use until Microsoft releases an official update, and users are encouraged to install it as soon as possible.
A New Zero-Day Threat for Chrome Users
Alongside this Windows vulnerability, another zero-day exploit has been discovered in Google Chrome and other Chromium-based browsers like Microsoft Edge. Security firm Kaspersky identified this flaw, which allows attackers to bypass Chrome's sandbox protection with just one click on a malicious link.
This attack, dubbed Operation ForumTroll, has targeted media outlets, educational institutions, and government agencies, particularly in Russia. Experts believe it could be used for cyber-espionage, given its sophistication. The exploit is identified as CVE-2025-2783.
How to Stay Safe
For Windows users: Apply the 0patch temporary fix right away to protect against the password flaw.
For Chrome and Edge users: Update your browser to the latest version to stay protected from the Chromium zero-day.
Be cautious of phishing: Never open unknown files or click suspicious links, especially from untrusted sources. Note that for the Windows flaw, simply browsing a folder that contains the malicious file in Explorer is enough, so an unexpected download or attachment is already dangerous once it reaches disk.
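The 0patch micropatch addresses the bug itself; the following is an added hardening example, not from the article and not from 0patch or ACROS Security, that limits how far a leaked NTLM hash can travel while the official Microsoft fix is pending. It applies standard Windows controls (the "Restrict NTLM: Outgoing NTLM traffic to remote servers" policy, an outbound firewall rule for SMB, and disabling the WebClient service) and then lists what audit mode would have blocked. Run it in an elevated PowerShell session on a test machine first; the server name in the allow-list is a placeholder.

```powershell
# Added hardening example (not the article's or 0patch's code): reduce the
# impact of an NTLM credential leak while the Microsoft fix is pending.
# Start in audit mode: denying outgoing NTLM outright can break access to
# servers that only speak NTLM.

$lsa = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'

# 1. Audit outgoing NTLM to remote servers (0 = allow, 1 = audit, 2 = deny).
#    Same setting as the policy "Network security: Restrict NTLM:
#    Outgoing NTLM traffic to remote servers".
Set-ItemProperty -Path $lsa -Name 'RestrictSendingNTLMTraffic' -Value 1 -Type DWord

# 2. Block outbound SMB (TCP 445) to non-local addresses. A leaked hash has
#    to reach an attacker-controlled server to be collected, and that
#    server is almost always on the Internet.
New-NetFirewallRule -DisplayName 'Block outbound SMB to Internet' `
    -Direction Outbound -Protocol TCP -RemotePort 445 `
    -RemoteAddress Internet -Action Block

# 3. Blocking 445 does not stop the same leak over WebDAV (HTTP/HTTPS).
#    If WebDAV is not needed, disabling the WebClient service closes that path.
Set-Service -Name WebClient -StartupType Disabled
Stop-Service -Name WebClient -Force -ErrorAction SilentlyContinue

# 4. Review what audit mode would have blocked before moving to deny (2).
#    Event ID 8001 in the NTLM operational log records outgoing NTLM
#    authentication to a remote server; the log must be enabled first.
wevtutil sl Microsoft-Windows-NTLM/Operational /e:true
Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-NTLM/Operational'; Id = 8001 } `
    -MaxEvents 50 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message

# 5. Allow-list internal servers that legitimately need NTLM before
#    switching to deny. Maps to the policy "Add remote server exceptions
#    for NTLM authentication". The host name below is a placeholder.
Set-ItemProperty -Path $lsa -Name 'ClientAllowedNTLMServers' `
    -Value @('fileserver01.corp.example') -Type MultiString

# 6. Once the audit events show only expected servers, deny outgoing NTLM:
# Set-ItemProperty -Path $lsa -Name 'RestrictSendingNTLMTraffic' -Value 2 -Type DWord
```

None of this fixes the underlying flaw; it only removes the attacker's easiest collection paths and makes an attempted leak visible in the event log. Keep the 0patch micropatch in place until Microsoft's official update is installed, and re-check the firewall rule on any machine that legitimately reaches SMB shares across the Internet (for example over a VPN that is not treated as a local subnet).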
By staying vigilant and applying fixes, users can reduce the risk of falling victim to these serious security threats.