A critical vulnerability in Windows File Explorer, identified as CVE-2025-24071, enables attackers to steal NTLM hashed passwords without any user interaction beyond simply extracting a compressed file.

Security researchers have released a proof-of-concept exploit demonstrating this high-severity flaw, which Microsoft patched in its March 2025 updates.