tldr - powered by Generative AI
Forced authentication can be exploited to steal Windows NTLM tokens by tricking users into opening a specially crafted Microsoft Access file.
- Forced authentication vulnerability discovered in Microsoft Access
- Attackers can leak NTLM tokens by tricking victims into opening a malicious file
- Exploits a legitimate feature in Access that allows linking to external data sources
- Attack can be launched using various Office file types
- NTLM authentication protocol has been found vulnerable to multiple attacks
Tags:
forced authentication
Windows NTLM tokens
Microsoft Access
Vulnerability