Hackers can abuse Windows 10 themes and theme packs to steal Windows account credentials from victims. Security researcher Jimmy Bayne discovered that specially crafted Windows themes could be employed to carry out "pass-the-hash" attacks to steal login names and passwords.
- Windows 10 enables users to create custom themes for the operating system and share those custom themes through theme packs.
- A pass-the-hash attack enables a hacker to authenticate to a remote server by using the NTLM or LanMan hash of a user's password to steal the plaintext password.
- Bayne disclosed the attack technique to Microsoft, but the company said it was a "feature by design" and would not be fixed.