![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiE-v7pGsQxkrzQoro_6Qid3VYkPZGwGqijj9_dWG3FdSnS-NcZRM5zrE_yDDz0CwNUG6e_uTbS4pRNvHl9THYM990hC75_0oL3lTYANxflT3aMBZYFwT_Vzzsv4AIVKD_RSkgOCrLUOl9xzVx_bOLHeJjWdTbi9QZK89Yjnn2lm7H7JOVf2QAnZ1UrwaWS/s1600/windows.jpg)
Cybersecurity researchers have discovered a case of “forced authentication” that could be exploited to leak a Windows user’s NT LAN Manager (NTLM) tokens by tricking a victim into opening a specially crafted Microsoft Access file.
The attack takes advantage of a legitimate feature in the database management system solution that allows users to link to external data sources, such as a remote SQL
Source:: The Hackers News