Windows 11 to let admins mandate SMB encryption for outbound connections

October 25, 2023 at 02:41PM Windows 11 Insider Preview Build 25982 introduces the capability for admins to mandate SMB client encryption for all outbound connections. This ensures data end-to-end encryption and defense against eavesdropping and interception attacks. Windows admins can configure the SMB client to always require encryption using PowerShell or group policy. Additionally, Windows … Read more

Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication

October 14, 2023 at 02:48AM Microsoft plans to eliminate NT LAN Manager (NTLM) in Windows 11, focusing instead on strengthening the Kerberos authentication protocol. New features in Windows 11 include Initial and Pass Through Authentication Using Kerberos (IAKerb) and a local Key Distribution Center (KDC) for Kerberos. NTLM has vulnerabilities that make it susceptible to … Read more

Microsoft plans to kill off NTLM authentication in Windows 11

October 13, 2023 at 12:50PM Microsoft has announced that the NTLM authentication protocol will be phased out in Windows 11. Kerberos has replaced NTLM as the default authentication protocol since Windows 2000. Despite being used in older versions, NTLM is still vulnerable to attacks such as relay attacks and pass-the-hash attacks. Microsoft is working on … Read more