Microsoft said last year that it wants to improve authentication security by eventually killing off NTLM sometime in the future. Today, the company has announced the deprecation of the feature.
Domain controller RSS
Microsoft confirmed yesterday that a VPN bug is affecting Windows 10 and 11, as well as Servers. Alongside that, the company has also confirmed that Server systems are also having NTLM traffic spikes.
Microsoft released patches for a couple of Kerberos authentication vulnerabilities tracked under CVE-2024-26248 and CVE-2024-29056. Details about its enforcement timeline have been shared.
Microsoft shared an updated DC hardening timeline where it has added new guidance and key dates about the deployment phase. This hardening meant to improve the security of the concerned servers.
Microsoft has confirmed that a buggy Patch Tuesday implementation is causing an LSASS memory leak, leading to reboots of Windows Server DCs when trying to undergo Kerberos authentication.
Microsoft has been enforcing hardening across Kerberos and Netlogon protocols, to protect against security vulnerabilities it discovered in 2021. Reminder for the upcoming Full Enforcement is out.
Microsoft has been enforcing hardening across Kerberos and Netlogon protocols, to protect against security vulnerabilities it discovered in 2021. The third phase is being rolled out.
Microsoft has issued an update today about the third phase security hardening changes deployment for Windows Server Kerberos protocol. These changes are meant to patch a major security flaw.
The latest edition of Microsoft Weekly packs news items related to "Windows 12" leaks, some hidden capabilities in Windows 11, and a bunch of app updates, with a sprinkle of Windows 7 news.
Microsoft has issued a reminder today about the third phase security hardening changes deployment for Windows Server Kerberos protocol. These changes are meant to patch a major security flaw.
Microsoft has released out-of-band Windows updates in order to patch issues in Kerberos authentication on Domain Controllers. The updates need to be installed manually via Microsoft Update Catalog.
Microsoft has released multiple OOB updates which fix an issue that was introduced with the latest May Patch Tuesday. The bug was leading to auth failures on domain controlled servers and clients.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is no longer recommending the installation of May Patch Tuesday updates on Domain Controllers because of authentication issues.
Microsoft has updated its guidance for securing Domain Controllers (DCs). Previously, the company told customers not to allow internet access on DCs in any scenario. This is not the case anymore.
_medium.jpg)
Out-of-band updates for several Windows versions including Windows 11, have been released which are meant to fix problems related to VPN connections, Domain Controllers, Hyper-V, and more.
Although software updates are supposed to fix problems, it appears that the latest Patch Tuesday release is causing major headaches for Windows Server admins due to DC boot loops and Hyper-V issues.
Microsoft has issued an advisory about an Active Directory privilege escalation attack. The vulnerabilities have already been patched but unpatched domain controllers are more at risk now than ever.
Microsoft has confirmed that its recent July security update has broken printing and scanning on systems when using smart card authentication. The problem is related to certain changes it made.
As Windows 10 approaches end of life, Microsoft targets more users with full-screen ads
Windows 11 build 27754 is out with modernized Windows Hello, new taskbar features, more
Windows 11 audio bug blasts users with 100% volume, Microsoft confirms
Microsoft's free Bing Wallpaper app for Windows is borderline malware
Recommended by 
We're on Mastodon!
We're on Mastodon!