skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Microsoft Enhances Security Against NTLM Relay Attacks

/ 1 min read

🛡️✨ Microsoft enhances security against NTLM relay attacks in Windows Server 2025. As part of its ongoing efforts to phase out the outdated NTLM authentication protocol, Microsoft has introduced Extended Protection for Authentication (EPA) as the default setting in Windows Server 2025. This update aims to bolster defenses against NTLM relay attacks, which exploit the protocol’s challenge/response mechanism to misuse hashed user credentials. Recent vulnerabilities linked to NTLM and Office applications highlight the urgency of these enhancements. Additionally, channel binding for LDAP is now enabled by default, further strengthening security measures. Microsoft encourages administrators of earlier server versions to manually enable these protections to safeguard against potential exploits.

Source
{entry.data.source.title}
Original