Ars Technica

Anybody successfully using NTLMv2 only authentication on a corporate network?

It works fine in test environment. But NTLMcompatibilitylevel=5 (NTLMv2 only) breaks way too many things to be useful in the Real World(tm). Exchange 2000 POP3/IMAP access breaks, PocketPC can't ...
Ars Technica

Accidentally installed DS Client on Win ME workstation. How can I remove it?

We've been updating the Win9X machines on our network with the Win2K DS Client and then adding the correct registry entries to enable NTLMv2 authentication. Along the way I realized I installed the DS ...
techtimes

Microsoft Outlook Security Flaw Exposed: NTLM v2 Passwords at Risk

A recently addressed security flaw in Microsoft Outlook has been identified as a significant threat, potentially allowing threat actors to exploit it to gain access to NT LAN Manager (NTLM) v2 hashed ...
Bleeping Computer

Microsoft deprecates Windows NTLM authentication protocol

Microsoft has officially deprecated NTLM authentication on Windows and Windows servers, stating that developers should transition to Kerberos or Negotiation authentication to prevent problems in the ...
CSOonline

Don’t count on Kerberos to thwart pass-the-hash attacks

Several readers responded to my previous post on pass-the-hash attacks, asking if Kerberos authentication versus LANManager, NTLM, or NTLMv2 was an effective defense. It’s a good question, one that I ...
Bleeping Computer

New Microsoft NTLM Flaws May Allow Full Domain Compromise

Two security vulnerabilities in Microsoft's NTLM authentication protocol allow attackers to bypass the MIC (Message Integrity Code) protection and downgrade NTLM security features leading to full ...
TechRepublic

Microsoft Improves Windows Security with a Path to Move Off NTLM

Microsoft Improves Windows Security with a Path to Move Off NTLM Your email has been sent It’s time to stop relying on the insecure authentication protocol built into Windows. Microsoft is making it ...