Ars Technica

Internet Explorer always using Kerberos authentication... even when unsupported.

Server: Fully-patched 2008 R2, running Certificate Services. The /certsrv virtual directory is using (I believe) default settings. Specifically, this means it's using Windows Authentication, with NTLM ...
Neowin

Microsoft wants to eventually disable NTLM authentication in Windows 11Microsoft wants to eventually disable NTLM authentication in Windows 11Microsoft wants to eventually ...

The various versions of Windows have used Kerberos as its main authentication protocol for over 20 years. However, in certain circumstances, the OS has to use another method, NTLM (NT LAN Manager).
Windows Report

Microsoft Starts New Kerberos Hardening Phase for Windows Domain Controllers

Microsoft rolls out new Kerberos protections to block RC4 encryption, with enforcement mode becoming mandatory for domain controllers in 2026.

Windows Networks: Google Mandiant Delivers the Coup de Grâce to Microsoft's NTLM

Google provides assistance in cracking NTLM hashes, provoking Microsoft and also admins who are concerned about the security ...
Dark Reading

Patch Now: Critical Windows Kerberos Bug Bypasses Microsoft Security

Microsoft eased enterprise security teams into 2024 with a relatively light January security update consisting of patches for 48 unique CVEs, just two of which the company identified as being of ...
Computerworld

Windows Tech: Is Microsoft’s Kerberos a Different Animal?

Do you think Microsoft’s Kerberos implementation follows the Kerberos standard? Add your comments and questions to the online Kerberos discussion. In Greek mythology , Kerberos is the three-headed ...
Dark Reading

Abusing Kerberos for Local Privilege Escalation

As the main authentication protocol for Windows enterprise networks, Kerberos has long been a favored hacking playground for security researchers and cybercriminals alike. While the focus has been on ...
Computer Weekly

Windows Kerberos, Hyper-V vulns among January Patch Tuesday bugs

Microsoft has released a total of 49 new patches marking the first Patch Tuesday event of 2024, addressing a variety of vulnerabilities across its product estate, among them two critical bugs ...
Threat Post

Kerberos Authentication Spoofing: Don’t Bypass the Spec

Yaron Kassner, CTO at Silverfort, discusses authentication-bypass bugs in Cisco ASA, F5 Big-IP, IBM QRadar and Palo Alto Networks PAN-OS. Authentication is the front gate to security systems, so if ...
Bleeping Computer

Microsoft: New security updates trigger Windows Server auth issues

Update November 15, 04:37 EST: Microsoft has released out-of-band updates to address the authentication issues on DCs running impacted Windows Server versions. Microsoft says users might experience ...
ZDNet

Microsoft: Here's how to defend Windows against these new privilege escalation attacks

Microsoft has detailed how Windows customers can defend themselves from automated 'Kerberos Relay' attacks that can give an attacker System privileges on a Windows machine. Microsoft has responded to ...