The most used versions of Windows all suffer from a 0-day called RemotePotato0. You can now download an unofficial fix for that.
The 0-day can give potential attackers administrative rights to computers. The error was made in April 2021 discovered by two SentinelOne researchers, Antonio Cocomazzi and Andrea Pierini. At the time, Microsoft recognized the error as a so-called 0-day, but to date, the platform holder has not solved the problem.
RemotePotato0 gets a fix
On the website 0patch explains founder Mitja Kolsek what exactly the error does. You can also read on that website how to solve the problem. You can download a number of patches for this, so that you are safe again.
Attackers use the Windows NT LAN Manager (NTLM) for the attack. The protocol is old, but it is still used on many Windows servers. Microsoft no longer supports the protocol; that explains why the company itself doesn’t release patches for it. Instead, Microsoft recommends deactivating NTLM. You can also configure the Windows servers to block attacks via NTLM.
That’s a risky approach. When someone attacks using the RemotePotato0 error, no interaction from the user is required. So if you still use NTLM, it is recommended create an account at 0patch and download the necessary files there.
These are Windows versions 7 to 10 and Windows Server versions from 2008 to 2019.
