Two new vulnerabilities found in Windows NTLM security protocols

Researchers at behavioral firewall specialist Preempt have discovered two vulnerabilities within the Microsoft Windows NT LAN Manager (NTLM) security protocols. The first involves unprotected Lightweight Directory Access Protocol (LDAP) from NTLM relay, and the second discovery impacts Remote Desktop Protocol (RDP) Restricted-Admin mode. Both vulnerabilities can result in unauthorized credential use, risk of password cracking and potentially domain compromise. "Today's threat landscape continues to expand, highlighting weaknesses in existing security protocols, and these two vulnerabilities are no different," says Ajit Sancheti, CEO and co-founder of Preempt. "NTLM puts organizations and individuals at risk of credential forwarding and password cracking, and… [Continue Reading]