A security vulnerability has been discovered in all versions of Windows, including desktop and server editions. The vulnerability, known as the URL File NTLM Hash Disclosure vulnerability, affects 21 different editions of Windows, including Windows 7, Windows Server 2008 R2, and more recent versions such as Windows 11 and Windows Server 2022.
The security patching firm Opatch has reported the issue to Microsoft but has not received a fix from the company. To address the vulnerability, Opatch has released free micropatches for all affected versions of Windows.
To obtain the free patch, users must create an account in Opatch Central. The full list of affected editions includes both legacy and still-receiving-Windows-Updates versions. Microsoft is expected to release its own official fixes when available, but in the meantime, Opatch’s micropatches provide a temporary solution until then.
Users should be cautious of malicious files that could potentially exploit this vulnerability, particularly when viewing shared folders or downloading files from unknown sources. By applying Opatch’s free patches, users can help protect themselves against this security threat.
Source: https://betanews.com/2024/12/06/0patch-uncovers-a-security-vulnerability-in-all-versions-of-windows-and-releases-free-fixes