Executive Risk Summary
"A vulnerability in Git for Windows prior to version 2.53.0(2) allows an attacker to obtain a user's NTLM hash by tricking them into cloning from a malicious server, potentially leading to brute-force attacks on the user's account name and password. This vulnerability is fixed in version 2.53.0(2) of Git for Windows."
Operational Audit Arsenal
Target Type Executable
Target Asset git.exe
Standard Path %ProgramFiles%\Git\bin
PowerShell
# 🛠️ Senior Engineer Universal Audit
# Target: git.exe (Executable)
$Target = "git.exe"
$SearchPaths = @("$env:windir\System32", "$env:ProgramFiles", "${env:ProgramFiles(x86)}")
Get-ChildItem -Path $SearchPaths -Filter $Target -Recurse -ErrorAction SilentlyContinue |
Select-Object FullName, @{Name="Version";Expression={$_.VersionInfo.ProductVersion}}Patch Impact Forecast
Reboot Required Unlikely
Service Disruption
Git services
Internal Work Notes
Update Git for Windows to version 2.53.0(2) or later to mitigate NTLM hash vulnerability
Intelligence Sources
Scope of Impact
Original NVD Description
"Git for Windows is the Windows port of Git. Prior to 2.53.0(2), it is possible to obtain a user's NTLM hash by tricking them into cloning from a malicious server. Since NTLM hashing is weak, it is possible for the attacker to brute-force the user's account name and password. This vulnerability is fixed in 2.53.0(2)."
Data compiled from NVD, MSRC, and CISA KEV Catalog. Intelligence synthesized via AI. Scripts for diagnostic purposes under MIT License.