CVE-2026-32202: Incomplete Windows SmartScreen Patch Enables Zero-Click Attacks and NTLM Hash Theft
Akamai researchers uncovered that an incomplete Microsoft patch quietly opened a fresh zero-click pathway into Windows networks—and adversaries didn’t need a single user interaction to get in. Cataloged as CVE-2026-32202, the bug arises from a February 2026 fix that fell short, leaving a gap around Windows SmartScreen and Windows Shell security prompts that attackers could…