ACROS Releases Unofficial Fixes for Windows Themes Zero-Day

ACROS Security has released free unofficial fixes for a zero-day flaw in Windows Themes, which could be leveraged to facilitate the remote compromise of NTLM credentials on devices running Windows 7 through Windows 11 24H2, according to BleepingComputer.

The vulnerability was uncovered by ACROS Security researchers during the development of a micropatch for the user credential leaking bug, tracked as CVE-2024-38030, which has already been addressed by Microsoft as part of July Patch Tuesday updates.

"So instead of just fixing CVE-2024-38030, we created a more general patch for Windows themes files that would cover all execution paths leading to Windows sending a network request to a remote host specified in a theme file upon merely viewing the file," said ACROS Security CEO Mitja Kolsek.

Organizations could install the fix on impacted Windows Workstation instances through 0patch, although other mitigation measures could also be applied while awaiting an official fix, which is already being worked on by Microsoft.
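
For defenders triaging theme files in the meantime, the condition Kolsek describes (a theme file that names a remote host) can be checked statically. The script below is an added example, not ACROS or Microsoft code: it reads a `.theme` file as INI-style text and flags any value that is a UNC path or a URL with a host. The sample theme, the key names prefixed `Example`, and the `example.test` hosts are constructed for illustration.

```python
import re

# UNC path (\\host\share or //host/share); \\?\ and \\.\ are local device paths.
UNC_RE = re.compile(r'^(?:\\\\|//)(?![?.][\\/])([^\\/\s]+)[\\/]')
# URL with a non-empty authority part (file:///C:/... has none, so it is local).
URL_RE = re.compile(r'^[a-z][a-z0-9+.-]*://([^/\\\s]+)', re.IGNORECASE)

def remote_host(value):
    """Return the remote host a theme value points at, or None if it is local."""
    v = value.strip().strip('"')
    if v[:8].upper() == '\\\\?\\UNC\\':       # \\?\UNC\host\share is still remote
        v = '\\\\' + v[8:]
    m = UNC_RE.match(v)
    if m:
        return m.group(1).split('@')[0]       # drop a WebDAV "@port" suffix
    m = URL_RE.match(v)
    return m.group(1).rsplit('@', 1)[-1] if m else None   # drop URL userinfo

def scan_theme(text):
    """Return (section, key, host) for every value that names a remote host."""
    findings, section = [], ''
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(';'):  # blank line or comment
            continue
        if line.startswith('[') and line.endswith(']'):
            section = line[1:-1]
            continue
        key, sep, value = line.partition('=')
        host = remote_host(value) if sep else None
        if host:
            findings.append((section, key.strip(), host))
    return findings

# Constructed sample, not taken from a real theme file.
SAMPLE_THEME = r"""
; constructed sample
[Theme]
DisplayName=Example
ExampleImage=\\files.example.test\share\logo.png
[Control Panel\Desktop]
Wallpaper=%SystemRoot%\web\wallpaper\Windows\img0.jpg
ExampleOther=http://cdn.example.test/bg.jpg
ExampleLocal=\\?\C:\Themes\bg.jpg
"""

if __name__ == '__main__':
    for section, key, host in scan_theme(SAMPLE_THEME):
        print(f'[{section}] {key} -> {host}')
```

The check looks at every key rather than a fixed list, so it does not depend on knowing which theme settings trigger the request.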