Microsoft · Windows · CVE-2025-21377
Name of the Vulnerable Software and Affected Versions:
Windows versions prior to February 2025 patchday
Description:
A spoofing issue allows attackers to affect the system. This issue is related to the disclosure of NTLM hash, which can be exploited by attackers. The estimated number of potentially affected devices is not specified. The vulnerability is actively exploited and can allow remote attackers to conduct spoofing attacks and gain unauthorized access to protected information.
Recommendations:
As a temporary workaround, consider restricting access to sensitive resources until a patch is available.
Apply the February 2025 Windows Updates to resolve the issue.