Tag: Kerberos

All articles tagged with #kerberos

technology | 5 months ago

Microsoft's August 2025 Patch Fixes Kerberos Zero-Day and Other Flaws

Microsoft released a security update fixing 111 vulnerabilities across its products, including a publicly known zero-day in Windows Kerberos (CVE-2025-53779) that could allow privilege escalation and domain compromise, along with critical flaws in Azure, Windows graphics, and other services. The update addresses multiple high-severity issues, some of which had already been remediated, underscoring the importance of timely patching to prevent exploitation.

technology, security | 2 years ago

Microsoft Ditches NTLM for Kerberos, Free Windows 10 Upgrades Over

Microsoft plans to phase out the NT LAN Manager (NTLM) authentication protocol in Windows 11 and focus on strengthening the Kerberos authentication protocol for improved security. New features in Windows 11 include Initial and Pass Through Authentication Using Kerberos (IAKerb) and a local Key Distribution Center (KDC) for Kerberos. NTLM, introduced in the 1990s, has been supplanted by Kerberos since Windows 2000 but continues to be used as a fallback mechanism. NTLM has inherent security weaknesses and is vulnerable to relay attacks, prompting Microsoft to encourage the use of Kerberos instead.

technology | 2 years ago

Microsoft's Windows 11: Changes to Authentication and Upgrades

Microsoft plans to phase out the NTLM authentication protocol in Windows 11, as it has been extensively exploited by threat actors in attacks such as NTLM relay and pass-the-hash. Kerberos has replaced NTLM as the default authentication protocol for domain-joined Windows devices. Microsoft is working on two new Kerberos features, IAKerb and Local KDC, to broaden where Kerberos can be used and to address the scenarios that currently cause a fallback from Kerberos to NTLM. Additionally, Microsoft intends to expand NTLM management controls to give administrators more flexibility in monitoring and restricting NTLM usage. The company will disable NTLM in Windows 11 once it determines it is safe to do so, but customers will have the option to re-enable it for compatibility reasons.