Security News > 2024 > June > Microsoft deprecates Windows NTLM authentication protocol
Microsoft has officially deprecated NTLM authentication on Windows and Windows servers, stating that developers should transition to Kerberos or Negotiation authentication to prevent problems in the future.
New Technology LAN Manager, better known as NTLM, is an authentication protocol first released in 1993 as part of Windows NT 3.1 and as the successor to the LAN Manager protocol.
NTLM has been extensively abused in cyberattacks known as 'NTLM Relay' attacks, where Windows domain controllers are taken over by forcing them to authenticate against malicious servers.
Despite Microsoft introducing new measures to defend against those attacks, like SMB security signing, attacks on NTLM authentication continue.
NTLM will still work in the next release of Windows Server and the next annual release of Windows.
Microsoft fixes Windows Server bug causing crashes, NTLM auth failures.
News URL
Related news
- Microsoft Will Remove the Free VPN That Comes With Windows Defender Soon (source)
- How to Add Fingerprint Authentication to Your Windows 11 Computer (source)
- New Microsoft script updates Windows media with bootkit malware fixes (source)
- Microsoft has finally fixed Date & Time bug in Windows 11 (source)
- Microsoft shares workaround for Windows security update issues (source)
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
- Microsoft to remove the Location History feature in Windows (source)
- Microsoft testing fix for Windows 11 bug breaking SSH connections (source)