Guhe120

**Name of the Vulnerable Software and Affected Versions** Windows versions (affected versions not specified) **Description** A critical vulnerability exists in the Windows SPNEGO Extended Negotiation (NEGOEX) security mechanism. This flaw is a heap-based buffer overflow that allows an unauthorized attacker to execute code remotely over a network. The vulnerability is considered 'wormable', meaning it has the potential to spread automatically across networks, similar to WannaCry and NotPetya. Successful exploitation grants attackers complete system control with SYSTEM privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.