Microsoft has detailed a three-phased roadmap leading to NTLM being completely disabled in the next version of Windows Server ...

Microsoft confirms a 3-phase strategy to deprecate NTLM, improve auditing, prioritize Kerberos, and disable NTLM by default ...

Microsoft is preparing one of the most consequential security shifts in Windows in decades, turning off NTLM authentication ...

Finally, with Windows Server 2025 and Windows 11 24H2, Microsoft is taking a definitive step to eliminate an historical security weakness: NTLM v1 is being completely removed! It was already disabled ...

Microsoft announced that it will disable the 30-year-old NTLM authentication protocol by default in upcoming Windows releases due to security vulnerabilities that expose organizations to cyberattacks.

The Kerberos authentication method originated at the Massachusetts Institute of Technology in the 1980s, as part of a project called Athena. The project involved integrating the computers on the MIT ...

Several readers responded to my previous post on pass-the-hash attacks, asking if Kerberos authentication versus LANManager, NTLM, or NTLMv2 was an effective defense. It’s a good question, one that I ...

A buffer overflow in the MIT Kerberos 5 network authentication tool’s “krb5_aname_to_localname()” library function could be exploited to gain root privileges on the affected machine. For more, go to: ...

Server: Fully-patched 2008 R2, running Certificate Services. The /certsrv virtual directory is using (I believe) default settings. Specifically, this means it's using Windows Authentication, with NTLM ...

Microsoft has announced plans to disable the 33-year-old NTLM authentication protocol by default in future Windows releases ...