Microsoft will disable NTLM by default in the next Windows Server and associated Windows client releases as part of a multi-phase plan to eliminate the legacy protocol. Organizations should use enhanced NTLM auditing in Windows Server 2025 and Windows 11 24H2+, map dependencies, migrate to Kerberos, and test NTLM-off configurations to prepare for the change.
Key points
- Microsoft will disable NTLM by default in upcoming Windows Server and client releases.
- NTLM is deprecated but still widely used and vulnerable to relay, replay, and man-in-the-middle attacks.
- Windows Server 2025 and Windows 11 24H2+ include enhanced NTLM auditing to locate remaining dependencies.
- Microsoft will provide Kerberos-first solutions like IAKerb and local KDC to reduce NTLM fallback usage.
- Administrators must audit, map dependencies, migrate to Kerberos, and test NTLM-off configurations to prepare.
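The dependency-mapping step, sketched as an added example (not code from the article or from Microsoft). It assumes logons were exported as JSON lines from the standard Security event 4624, whose AuthenticationPackageName and LmPackageName fields record the protocol used; it does not read the enhanced auditing events of Windows Server 2025, which the article does not detail, and the export layout, hosts and accounts are constructed.

```python
import json
from collections import Counter, defaultdict

# Constructed sample: Security event 4624 (logon) records exported as JSON lines.
# Host names, accounts and addresses are made up; the last line is truncated on purpose.
SAMPLE_EVENTS = """\
{"EventID": 4624, "Computer": "FS01", "TargetUserName": "svc_backup", "WorkstationName": "APP07", "IpAddress": "10.0.4.17", "AuthenticationPackageName": "NTLM", "LmPackageName": "NTLM V2"}
{"EventID": 4624, "Computer": "FS01", "TargetUserName": "SVC_Backup", "WorkstationName": "app07", "IpAddress": "10.0.4.17", "AuthenticationPackageName": "NTLM", "LmPackageName": "NTLM V2"}
{"EventID": 4624, "Computer": "FS01", "TargetUserName": "jdoe", "WorkstationName": "-", "IpAddress": "10.0.5.23", "AuthenticationPackageName": "Kerberos", "LmPackageName": "-"}
{"EventID": 4624, "Computer": "PRINT02", "TargetUserName": "scanner", "WorkstationName": "-", "IpAddress": "10.0.9.40", "AuthenticationPackageName": "NTLM", "LmPackageName": "NTLM V1"}
{"EventID": 4634, "Computer": "FS01", "TargetUserName": "jdoe"}
{"EventID": 4624, "Computer": "FS01", "Targ
"""


def ntlm_dependency_report(text):
    """Return one row per (client, account, server) that logged on with NTLM."""
    counts, versions = Counter(), defaultdict(set)
    for line in text.splitlines():
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # blank or truncated export line
        if not isinstance(ev, dict) or ev.get("EventID") != 4624:
            continue
        if str(ev.get("AuthenticationPackageName", "")).upper() != "NTLM":
            continue  # Kerberos and other packages are not NTLM dependencies
        # WorkstationName is often "-" or empty; fall back to the source address.
        client = ev.get("WorkstationName") or "-"
        if client == "-":
            client = ev.get("IpAddress") or "unknown"
        key = (client.upper(), str(ev.get("TargetUserName", "")).lower(),
               str(ev.get("Computer", "")).upper())
        counts[key] += 1
        versions[key].add(ev.get("LmPackageName") or "unknown")
    rows = [{"client": c, "account": a, "server": s, "count": n,
             "ntlmv1": "NTLM V1" in versions[(c, a, s)]}
            for (c, a, s), n in counts.items()]
    # NTLMv1 users first (weakest variant), then the busiest dependencies.
    return sorted(rows, key=lambda r: (not r["ntlmv1"], -r["count"]))


if __name__ == "__main__":
    for row in ntlm_dependency_report(SAMPLE_EVENTS):
        print(row)
```

Each row is a client, account and server combination that still authenticates with NTLM and therefore needs a Kerberos path before an NTLM-off test.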
Read More: https://www.securityweek.com/microsoft-moves-closer-to-disabling-ntlm/