Event banner

The evolution of Windows authentication

Event Ended
Wednesday, Mar 27, 2024, 03:30 PM PDT
Online

Event details

As the security landscape evolves, Windows must continue to change to protect users and organizations. Foundational to this is user authentication. In Windows Server 2025 and Windows vNext, we have c...
Heather_Poulsen
Updated Dec 27, 2024
mamoreau's avatar
mamoreau
Iron Contributor
Mar 27, 2024
While options have been added to properly disable NTLM in SMB, will there be an effort to add similar options for the RDP client? There is currently no good way to disable outbound NTLM in the RDP client specifically, and to make matters worse, things like server validation happen *after* the NTLM/Kerberos exchange in CredSSP right now. While RDP responder attacks are not as popular as with other protocols using Windows authentication, there is a lot of area for improvement for RDP client hardening. Again, I would be more than happy to point you to the places where this could be improved, most of which would need to be done in mstsc.
ZakWhitt's avatar
ZakWhitt
Copper Contributor
Apr 10, 2024
Yes, we are expanding policies to allow you to control NTLM on a per-protocol basis.
Date and Time
Mar 27, 20243:30 PM - 4:00 PM PDT