Microsoft Office zero-day vulnerability, CVE-2024-38200, exposes NTLM hashes to make it easy as pie for attackers to exploit

A newly discovered zero-day vulnerability in Microsoft Office, CVE-2024-38200, exposes NTLM hashes to attackers. Learn more about the vulnerability, mitigations, and fixes.
Dave W. Shanahan 2 years ago (Last updated: 1 year ago) 2 minutes read
A newly discovered zero-day vulnerability in Microsoft Office, designated as CVE-2024-38200, can be exploited by attackers to obtain users’ NTLM (New Technology LAN Manager) hashes, according to a recent announcement by Microsoft. This vulnerability is categorized as a spoofing vulnerability and can be triggered remotely without requiring special privileges or user interaction.

The vulnerability affects the 64-bit and 32-bit editions of Microsoft Office 2016, Microsoft Office 2019, Microsoft Office LTSC 2021, and Microsoft 365 Apps for Enterprise. Microsoft rolled out an alternative fix via Feature Flighting on July 30, 2024, which protects customers on all in-support versions of Microsoft Office and Microsoft 365. However, the company urges users to install the August 13, 2024 updates, which contain the final version of the fix.

CVE-2024-38200 attack scenario

In a web-based CVE-2024-38200 attack scenario, an attacker could host a website containing a specially crafted file designed to exploit the vulnerability. The attacker would need to convince the user to click a link, typically via an enticing email or instant message, and then convince the user to open the specially crafted file. Once the attacker obtains the victim’s NTLM hash, they can relay it to another service and authenticate as the victim, performing an authentication relay attack.

Mitigations and fixes

Microsoft has outlined several mitigating factors to reduce the risk of exploitation:

  • Restricting outgoing NTLM traffic to remote servers.
  • Adding users to the Protected Users Security Group.
  • Blocking outbound traffic on TCP port 445.
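As an added example (not from the article or from Microsoft), the PowerShell script below audits a Windows host for the three mitigations listed above and, when run with -Apply, turns them on. The sample account name and the firewall rule display name are constructed; Add-ADGroupMember assumes the RSAT ActiveDirectory module and a domain account with rights on the group.

```powershell
# Added example: audit (default) or apply (-Apply) the CVE-2024-38200 mitigations.
# Run from an elevated PowerShell session.
[CmdletBinding()]
param(
    [switch]$Apply,                # without -Apply the script only reports
    [string]$ProtectUser = 'jdoe'  # constructed sample account to add to Protected Users
)

$lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
# Backs the policy "Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers"
# 0 (or absent) = Allow all, 1 = Audit all, 2 = Deny all.
$current = (Get-ItemProperty -Path $lsaKey -Name RestrictSendingNTLMTraffic `
            -ErrorAction SilentlyContinue).RestrictSendingNTLMTraffic
$state = switch ($current) { 2 { 'Deny all' } 1 { 'Audit all' } default { 'Allow all (unrestricted)' } }
Write-Host "Outgoing NTLM to remote servers: $state"

$ruleName = 'Block outbound SMB TCP 445 (CVE-2024-38200 mitigation)'  # constructed name
$rule = Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue
Write-Host ("Outbound TCP 445 block rule present: {0}" -f [bool]$rule)

if ($Apply) {
    # 1. Deny outgoing NTLM. Pilot with value 1 (audit) first and review the
    #    Microsoft-Windows-NTLM/Operational log for legitimate NTLM dependencies.
    New-ItemProperty -Path $lsaKey -Name RestrictSendingNTLMTraffic -Value 2 `
        -PropertyType DWord -Force | Out-Null
    # Servers that still need NTLM go on the exception list (REG_MULTI_SZ), e.g.:
    # New-ItemProperty -Path $lsaKey -Name ClientAllowedNTLMServers -Value @('fileserver01') `
    #     -PropertyType MultiString -Force

    # 2. Protected Users: members cannot authenticate with NTLM, so their hash is
    #    never sent in the first place. Requires RSAT ActiveDirectory module.
    Import-Module ActiveDirectory
    Add-ADGroupMember -Identity 'Protected Users' -Members $ProtectUser

    # 3. Block outbound SMB. A blanket rule also blocks SMB to internal file servers
    #    and SYSVOL; add -RemoteAddress Internet to scope it to non-local addresses.
    if (-not $rule) {
        New-NetFirewallRule -DisplayName $ruleName -Direction Outbound -Protocol TCP `
            -RemotePort 445 -Action Block -Profile Any | Out-Null
    }
    Write-Host 'Mitigations applied; re-run without -Apply to verify.'
}
```

Run it once without -Apply on a pilot machine to see the current state, then with -Apply after the audit log shows no legitimate outgoing NTLM use.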

The company has also announced that final fixes for the affected software will be available on August 13, 2024, as part of the August 2024 Patch Tuesday updates.

NTLM deprecation

New Technology LAN Manager (NTLM) is an old suite of security protocols for user authentication provided by Microsoft, which has been officially deprecated in favor of Kerberos. Microsoft recommends replacing calls to NTLM with calls to Negotiate, which will try to authenticate with Kerberos and only fall back to NTLM when necessary.

The discovery of this zero-day vulnerability highlights the importance of keeping software up-to-date and implementing security best practices. Microsoft’s prompt response and implementation of an alternative fix have minimized the risk of exploitation. However, users are still advised to update to the final version of the fix on August 13, 2024, to ensure maximum protection.

About The Author

Dave W. Shanahan

I’m Dave W. Shanahan, a Microsoft enthusiast with a passion for Windows, Xbox, Microsoft 365 Copilot, Azure, and more. I started MSFTNewsNow.com to keep the world updated on Microsoft news. Based in Massachusetts, you can email me at davewshanahan@gmail.com.
