Microsoft released a high security update to address a vulnerability in Microsoft Windows Server 2022 MSHTML Platform. A malicious actor could exploit this vulnerability to disclose Net-NTLMv2 hashes. Proof-of-concept (PoC) information is publicly available.

For a complete description of the vulnerabilities and affected systems go to Windows MSHTML Platform Security Feature Bypass Vulnerability CVE-2023-29324.

IT Security

Read more about IT Security service offerings.