Security News > 2024 > June > Microsoft deprecates Windows NTLM authentication protocol
Microsoft has officially deprecated NTLM authentication on Windows and Windows servers, stating that developers should transition to Kerberos or Negotiation authentication to prevent problems in the future.
New Technology LAN Manager, better known as NTLM, is an authentication protocol first released in 1993 as part of Windows NT 3.1 and as the successor to the LAN Manager protocol.
NTLM has been extensively abused in cyberattacks known as 'NTLM Relay' attacks, where Windows domain controllers are taken over by forcing them to authenticate against malicious servers.
Despite Microsoft introducing new measures to defend against those attacks, like SMB security signing, attacks on NTLM authentication continue.
NTLM will still work in the next release of Windows Server and the next annual release of Windows.
Microsoft fixes Windows Server bug causing crashes, NTLM auth failures.
News URL
Related news
- Microsoft says premature patch could make Windows Recall forget how to work (source)
- Microsoft says having a TPM is "non-negotiable" for Windows 11 (source)
- New Windows zero-day exposes NTLM credentials, gets unofficial patch (source)
- Micropatchers share 1-instruction fix for NTLM hash leak flaw in Windows 7+ (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- Microsoft lifts Windows 11 24H2 block on PCs with USB scanners (source)
- Microsoft says Auto HDR causes game freezes on Windows 11 24H2 (source)
- Microsoft adds another problem to the Windows 11 24H2 naughty list (source)
- Microsoft may have scrapped Windows 11's dynamic wallpapers feature (source)
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)