Hackers exploit new Windows vulnerability to steal user credentials

forbes.com October 31, 2024, 04:01 PM UTC

A new security vulnerability in Windows has been discovered, allowing hackers to steal user credentials through malicious Windows Theme files. This follows a previous vulnerability that Microsoft had patched, but researchers found it did not cover all potential risks.

The new vulnerability, identified as CVE-2024-38030, was uncovered while developing a patch for an earlier issue. Researchers at 0patch created a micropatch to protect users from this latest threat, which affects even the newest Windows 11 version.

Microsoft is aware of the issue and plans to address it, but an official patch is not yet available. In the meantime, users can access the 0patch micropatch for free to protect their systems.

Article metrics
Significance4.8
Scale & Impact5.6
Positivity4.4
Credibility7.5
See today's significant news

With a significance score of 4.8, this news ranks in the top 3% of today's 18718 analyzed articles.

See which stories are shaping the world in today's news ranking.

Timeline:

  1. [5.2]
    Free unofficial patches released for Windows Themes zero-day vulnerability (bleepingcomputer.com)
    8d 20h