Vulnerability in Windows File Explorer Allows Attackers to Steal NTLM Hashes

20 Mar 2025

Vulnerability

A vulnerability in Windows File Explorer, identified as CVE-2025-24071, allows attackers to steal NTLM hashes by decompressing files, without requiring any user interaction. A Proof of Concept (PoC) has already been published. This flaw can lead to "network spoofing" attacks.

Read the original article on freebuf.com