Network Security Unpatched Windows search URI handler issue leaks NTLMv2 hashes June 3, 2026 Share By SC Staff (Credit: Daniel CHETRONI – stock.adobe.com) As reported by The Hacker News, cybersecurity researchers at Huntress have disclosed details of an unpatched issue in the Windows search URI handler that could be exploited to leak a user's NTLMv2 hash to an attacker. The newly identified issue, similar to a previously patched vulnerability in the Windows Snipping Tool (CVE-2026-33829), resides in the search URI handler. Attackers can induce users to click a specially crafted link, which, when processed by the search handler, can compel the computer to connect to an attacker-controlled SMB server. This connection exposes the user's NTLMv2 hash, enabling the attacker to authenticate as the user. The exploit leverages a "crumb=location:" parameter, a mechanism previously documented in relation to NTLM hash leakage (CVE-2023-35636). Threat actors can use captured hashes for relay attacks to gain deeper network access. Microsoft has declined to address the issue, classifying it as not meeting their servicing bar for "Important" or "Critical" severity. Mitigation strategies include blocking outbound SMB traffic on non-essential hosts, enforcing SMB signing, and disabling NTLM where possible. Source: The Hacker News An In-Depth Guide to Network Security Get essential knowledge and practical strategies to fortify your network security. Learn More SC Staff Related Network Security New HTTP/2 Bomb attack can take down web servers in seconds SC Staff June 3, 2026 The HTTP/2 Bomb attack exploits default configurations of major web servers including NGINX, Apache HTTP Server, Microsoft IIS, Envoy, and Cloudflare Pingora. Network Security MazeBolt launches AI module to simulate novel DDoS attack vectors SC Staff June 3, 2026 The RADAR VectorAI module operates on MazeBolt's existing RADAR platform, continuously simulating DDoS traffic without disrupting services. Network Security The 2026 FIFA World Cup: A network availability stress test Matthew Andriani June 1, 2026 Here’s four tips for organizations protecting the World Cup ecosystem from a major DDoS attack. Related Events Cybercast How to transform your SOC through XDR and MDR On-Demand Event Cybercast AI for network security: Problems and solutions On-Demand Event Virtual Conference Fortifying the Foundation: Tackling Evolving Challenges in Network Security On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms ACK Piggybacking Bridge Broadcast Address Cell Circuit Switched Network Computer Network Decapsulation Distance Vector Domain Domain Name You can skip this ad in 5 seconds