Microsoft’s Shift Away from NTLM Authentication
In a significant move announced in October 2023, Microsoft revealed its intention to phase out NTLM (New Technology LAN Manager) authentication. This decision stems from a notable decline in the utilization of the NTLM protocol, prompting the company to initiate its deprecation. Following this announcement, in June 2024, Microsoft confirmed that NTLM would be removed from versions beyond Windows 11 24H2 and Windows Server 2025, marking the end of this feature in upcoming iterations of Windows client and server systems.
Accelerated Plans for NTLM Removal
Recent developments indicate that Microsoft is hastening this transition, already removing NTLM from Windows 11 24H2 and Windows Server 2025. Just this week, the software giant disclosed that NTLMv1 has officially been eliminated from these platforms.
Updated Deprecation Notice
Microsoft has revised the notification on its deprecated features webpage, which now includes the following message:
All versions of NTLM, including LANMAN, NTLMv1, and NTLMv2, are no longer under active feature development and are deprecated. Use of NTLM will continue to work in the next release of Windows Server and the next annual release of Windows. Calls to NTLM should be replaced by calls to Negotiate, which will attempt authentication using Kerberos, reverting to NTLM only when necessary. [Update – November 2024]: NTLMv1 is removed starting in Windows 11, version 24H2 and Windows Server 2025.
Additional Security Features Removed
Microsoft’s removal of NTLMv1 is part of a broader effort to enhance security features within its operating systems. Alongside this change, another notable security feature, Windows Information Protection (WIP)—previously aimed at safeguarding against unintentional data leaks—has also been removed from Windows 11 24H2. The company stated:
Windows Information Protection is removed starting in Windows 11, version 24H2.
Why NTLM is Being Phased Out
The NTLM protocol has increasingly been recognized for its vulnerabilities in today’s security landscape. A pertinent example was highlighted when 0patch released an unofficial micro-patch for a security flaw associated with NTLM. Such incidents have solidified the need for more robust authentication protocols.
Find Out More
For those interested in delving deeper into the list of removed features as part of this transition, further details can be found here on Microsoft’s official site.
For additional coverage and images regarding Microsoft’s removal of NTLM in Windows 11 24H2 and Windows Server 2025, visit the source: Neowin.
Leave a Reply