Blog Security Research Leaking NTLM Credentials Through Windows Themes Tomer Peled is a Security Researcher at Akamai. In his daily job, he conducts research ranging from vulnerability research to OS internals. In his free time, he likes to cook, do Krav Maga, and game on his PC. Akamai security researcher Tomer Peled recently discovered a spoofing vulnerability in Microsoft Themes. It was assigned CVE-2024-21320 with a CVSS score of 6.5. Editorial and additional commentary by Tricia Howard Executive summary \n Akamai security researcher  Tomer Peled recently discovered a spoofing vulnerability in Microsoft Themes. It was assigned CVE-2024-21320 with a CVSS score of 6.5. \n \n \n \n The vulnerability can trigger an authentication coercion — an attack in which a victim is coerced into sending credentials (usually in the form of NTLM hashes over SMB) to an attacker’s machine. The attacker can later crack the credentials offline.…