NTLM Hash Disclosure Spoofing Vulnerability - CVE-2025-24054
Posted by maxcoder88@reddit | sysadmin | View on Reddit | 4 comments
Hi,
Is there a way to mitigate NTLM Hash Disclosure Spoofing Vulnerability - CVE-2025-24054 ?
Is it enough to just install the latest path? Are there any extra steps?
Anyone her has some knowledge to share on the subject?
Thanks,
Problably__Wrong@reddit
Disable NTLM ;)
TheTajmaha@reddit
The flaw triggers an SMB connection to a remote server. As is recommendations to other flaws, block outbound SMB (445/tcp). That should mitigate it, really there shouldnt be much of any reason to allow SMB out to the internet.
https://learn.microsoft.com/en-us/windows-server/storage/file-server/smb-secure-traffic
IFightTheUsers@reddit
The general recommendation from a few firewall vendors including Palo Alto is to deny QUIC "443 UDP" outbound to the internet to retain SSL inspection capabilities, so that should pin that issue.
TechIncarnate4@reddit
I don't see any other details from Microsoft on mitigations. The fix is the patch. Apply the patch.