Now a zero-day, the vulnerability enables NTLM hash theft, an issue that Microsoft has already fixed twice before.