Microsoft is phasing out NTLM (NT LAN Manager) as part of its ongoing security efforts. The decision aims to strengthen Windows against various security threats and vulnerabilities. Developers are advised to transition to Negotiate calls, with Kerberos as the preferred protocol, due to NTLM’s susceptibility to attacks like pass-the-hash and NTLM relay.
The deprecation process is gradual, with NTLM continuing to function in the next Windows Server release and subsequent annual Windows updates. However, after November 2026, features like Windows Mixed Reality will cease to receive updates, signaling a broader move away from older technologies. System administrators and developers are urged to conduct thorough audits of their infrastructure to identify NTLM usage and plan for its replacement with Negotiate calls.
Microsoft’s decision underscores its commitment to enhancing operating system security. By transitioning to Kerberos via the Negotiate package, Microsoft aims to mitigate NTLM-related risks and provide a more secure authentication framework. Prompt action is essential for organizations to ensure system compatibility with future Windows updates and maintain robust security measures.
For detailed information on NTLM deprecation and the transition to Negotiate and Kerberos, users can refer to official Microsoft documentation pages.
