The host is installed with Microsoft Windows Windows 8.1 or 10 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly validate NT LAN Manager (NTLM) Single Sign-On (SSO) requests during Microsoft Account (MSA) login sessions. An attacker who successfully exploited the vulnerability could attempt to brute force a users NTLM password hash.