All Windows Workstation and Server versions from 7 to the latest 11 v24H2 and Server 2022 are affected by a zero-day vulnerability.
#cybersecurity #Windows #vulnerability #CyberAttack #infosec
https://cnews.link/windows-zero-day-attackers-can-steal-ntlm-credentials-1/
That’s a big hill to climb.
Enterprise will always upgrade as usual. Besides, those are all domain based systems if my memory is right, NTLM is only used for local accounts.
Even SMB runs a domain - it’s just easier to manage access control.
This issue just pushes me to setup a domain for home use.
NTLM is enabled in some domain based environments. I have to enable it for several service accounts used for connecting legacy appliances. If it “works” Goodluck getting the business to upgrade.