Security researchers at Preempt are warning that all Windows machines that don’t have the latest security patches installed, are vulnerable to remote code execution (RCE) attacks as the result of two critical flaws affecting NTLM, a key Microsoft security protocol providing authentication.
By exploiting the vulnerabilities, threat actors can “remotely execute malicious code on any Windows machine or authenticate to any web server that supports Windows Integrated Authentication (WIA) such as Exchange or ADFS.” Microsoft has issued fixes for the flaws as part of this month’s Patch Tuesday.
Read more: Microsoft NTLM Flaws Expose All Windows Machines to RCE Attacks