The next step in the decommissioning of the obsolete protocol.

CSO Online offers insights into cybersecurity, risk management, and IT leadership, providing articles, reports, and expert analysis to help security professionals navigate the evolving threat landscape and protect their organizations from cyber attacks. By exploring CSO Online's curated content, CISOs, security managers, and IT executives can learn about threat intelligence, security frameworks, and incident response strategies for building resilient cybersecurity programs. Whether you're defending against ransomware, phishing attacks, or insider threats, CSO Online offers resources to strengthen your security posture and safeguard your digital assets.

CSO Online

Microsoft is disabling NTLM (NT LAN Manager) by default in Windows 11 and Windows Server as part of its ongoing security improvements. The authentication protocol, introduced in the 1990s and replaced by Kerberos in Windows 2000, remains in use by many legacy enterprise systems, making them vulnerable to NTLM relay attacks. Despite years of preparation, many administrators still struggle to remove NTLM from their networks. The deactivation timeline is available on the Windows IT Pro Blog.

Microsoft disables NTLM in Windows