NTLM deprecation and new security features: Microsoft improves the security of Windows 11

Father

Later this year, an updated Windows 11 with an improved protection system will be released.

Microsoft has officially confirmed plans to phase out NT LAN Manager (NTLM) authentication in Windows 11 in the second half of 2024, and has announced a number of new security measures to strengthen the protection of the operating system.

The company's statement emphasizes that dropping NTLM has long been a step requested by the security community, as it will strengthen user authentication.

The initial decision to replace NTLM with Kerberos for authentication was announced back in October 2023. NTLM's lack of support for modern cryptographic primitives such as AES or SHA-256 leaves it vulnerable to attacks, in particular NTLM relay attacks.

Other changes in Windows 11 include enabling Local Security Authority (LSA) protection by default for new consumer devices and using Virtualization-based Security (VBS) to protect Windows Hello.
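As an added example (not part of the article, and not a Microsoft tool), the following PowerShell reads the registry values behind the policies that govern the NTLM phase-out and LSA protection described above, and reports whether a host is in an "audit first, then restrict" posture. The registry paths and value names are the documented backing values of the corresponding Group Policy settings; the thresholds in the `Ok` column and the event-ID descriptions are my own assumptions, noted in the comments.

```powershell
# Added example: report a host's NTLM and LSA-protection posture.
# Registry locations are the documented backing values of the matching Group
# Policy settings. The "Ok" predicates encode one reasonable phase-out plan
# (audit NTLM before denying it, run LSA as a protected process); they are
# assumptions for this example, not a Microsoft mandate.

function Get-NtlmPosture {
    [CmdletBinding()]
    param()

    $lsa = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $msv = Join-Path $lsa 'MSV1_0'

    # Returns $null when a value has never been set (the OS default then applies).
    function Read-PolicyValue([string]$Path, [string]$Name) {
        $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
        if ($null -eq $item) { return $null }
        return $item.$Name
    }

    $checks = @(
        @{ Name = 'LmCompatibilityLevel'; Path = $lsa; Ok = { param($v) $v -eq 5 }
           Meaning = '5 = send NTLMv2 only, refuse LM and NTLM' },
        @{ Name = 'RunAsPPL'; Path = $lsa; Ok = { param($v) $v -in 1, 2 }
           Meaning = '1 or 2 = LSA runs as a protected process (LSA protection on)' },
        @{ Name = 'RestrictSendingNTLMTraffic'; Path = $msv; Ok = { param($v) $v -ge 1 }
           Meaning = '0 = allow, 1 = audit outgoing NTLM, 2 = deny outgoing NTLM' },
        @{ Name = 'RestrictReceivingNTLMTraffic'; Path = $msv; Ok = { param($v) $v -ge 1 }
           Meaning = '0 = allow, 1 = deny domain accounts, 2 = deny all accounts' },
        @{ Name = 'AuditReceivingNTLMTraffic'; Path = $msv; Ok = { param($v) $v -eq 2 }
           Meaning = '0 = off, 1 = audit domain accounts, 2 = audit all accounts' }
    )

    foreach ($c in $checks) {
        $value = Read-PolicyValue -Path $c.Path -Name $c.Name
        if ($null -eq $value) {
            $shown = '(not set, OS default)'
            $ok    = $false
        } else {
            $shown = $value
            $ok    = & $c.Ok $value
        }
        [pscustomobject]@{
            Setting = $c.Name
            Value   = $shown
            Ok      = $ok
            Meaning = $c.Meaning
        }
    }
}

# Summarise recent entries of the NTLM operational log. The log only fills up
# once the audit/restrict policies above are enabled; event 8001 records
# outgoing NTLM from this host and 8002 incoming NTLM to it (assumed
# descriptions, check against your own environment's event text).
function Get-NtlmAuditSummary {
    param([int]$MaxEvents = 500)
    $events = Get-WinEvent -LogName 'Microsoft-Windows-NTLM/Operational' `
                           -MaxEvents $MaxEvents -ErrorAction SilentlyContinue
    if (-not $events) { return }
    $events | Group-Object Id | Sort-Object Count -Descending |
        Select-Object @{ n = 'EventId'; e = { $_.Name } }, Count
}

Get-NtlmPosture | Format-Table -AutoSize
Get-NtlmAuditSummary
```

Run it in an elevated session; a host where every row shows `Ok = True` and the audit log shows no recent 8001/8002 events is one where NTLM can be denied without breaking authentication flows that nobody knew still relied on it.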

Also, Smart App Control, which protects users from running unsigned apps, has received an update – the tool will now use AI to assess the safety of applications and block unknown or malicious programs. In addition to Smart App Control, a new Trusted Signing system was introduced, allowing developers to sign their applications and simplifying the process of obtaining code-signing certificates.

Other significant security improvements include:
  • Win32 application isolation, designed to limit damage if an application is compromised by creating a security boundary between the application and the operating system.
  • Limiting abuse of administrator privileges by requiring explicit user approval.
  • VBS enclaves for third-party developers to create trusted computing environments.
  • Windows Protected Print Mode (WPP), introduced in December 2023, will become the default print mode; it runs the Print Spooler as a restricted service and significantly reduces the service's attractiveness to attackers.

The company also announced that it will no longer trust TLS server authentication certificates with RSA keys of less than 2048 bits due to "developments in computing power and cryptanalysis."
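The announcement above gives administrators a concrete check to run: which TLS server certificates in their estate still carry RSA keys shorter than 2048 bits. The following PowerShell is an added example (not from the article, and not Microsoft's tooling) that audits the local certificate stores and, for endpoints that cannot be enumerated from a Windows store, inspects the certificate a live TLS server presents. It relies only on the .NET X.509 classes available in Windows PowerShell 5.1 and PowerShell 7; the store list and the 2048-bit threshold are parameters with assumed defaults.

```powershell
# Added example: find TLS server certificates whose RSA public key is shorter
# than the 2048-bit minimum Microsoft announced. Non-RSA keys (e.g. ECDSA) are
# skipped, since the announcement concerns RSA key length only.

$ServerAuthOid = '1.3.6.1.5.5.7.3.1'   # id-kp-serverAuth

# True if the certificate can be used for TLS server authentication: it either
# carries the serverAuth EKU or has no EKU extension at all (an absent EKU
# extension places no restriction on purpose).
function Test-ServerAuthUsage {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate)
    $eku = $Certificate.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }
    if (-not $eku) { return $true }
    return [bool]($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq $ServerAuthOid })
}

# Returns the RSA modulus size in bits, or $null for non-RSA keys.
function Get-RsaKeySize {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate)
    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($Certificate)
    if ($null -eq $rsa) { return $null }
    try { return $rsa.KeySize } finally { $rsa.Dispose() }
}

function Find-WeakRsaServerCertificate {
    param(
        # Assumed default: machine and user personal stores plus the machine root store.
        [string[]]$StorePath = @('Cert:\LocalMachine\My', 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\My'),
        [int]$MinimumBits = 2048
    )
    foreach ($path in $StorePath) {
        foreach ($cert in (Get-ChildItem -Path $path -ErrorAction SilentlyContinue)) {
            $bits = Get-RsaKeySize -Certificate $cert
            if ($null -eq $bits -or $bits -ge $MinimumBits) { continue }
            if (-not (Test-ServerAuthUsage -Certificate $cert)) { continue }
            [pscustomobject]@{
                Store      = $path
                Subject    = $cert.Subject
                Thumbprint = $cert.Thumbprint
                RsaBits    = $bits
                NotAfter   = $cert.NotAfter
            }
        }
    }
}

# Inspect the certificate a live TLS endpoint presents. The validation callback
# accepts any chain on purpose: this reads the key size, it does not evaluate trust.
function Get-TlsServerRsaKeySize {
    param([Parameter(Mandatory)][string]$HostName, [int]$Port = 443, [int]$MinimumBits = 2048)
    $tcp = [System.Net.Sockets.TcpClient]::new($HostName, $Port)
    $ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false, { $true })
    try {
        $ssl.AuthenticateAsClient($HostName)
        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($ssl.RemoteCertificate)
        $bits = Get-RsaKeySize -Certificate $cert
        [pscustomobject]@{
            HostName     = $HostName
            Subject      = $cert.Subject
            Algorithm    = $cert.PublicKey.Oid.FriendlyName
            RsaBits      = $bits
            BelowMinimum = ($null -ne $bits -and $bits -lt $MinimumBits)
        }
    } finally {
        $ssl.Dispose()
        $tcp.Dispose()
    }
}

Find-WeakRsaServerCertificate | Format-Table -AutoSize
# Get-TlsServerRsaKeySize -HostName 'intranet.example.invalid'   # placeholder host name
```

Certificates the audit reports should be reissued with 2048-bit or longer RSA keys (or moved to ECDSA) before the trust change lands; the `NotAfter` column helps prioritise those that would otherwise stay in service the longest.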

New security features also include Zero Trust Domain Name System (ZTDNS), which will help commercial customers restrict Windows devices to connecting only to approved destinations, identified by domain name.

The improvements are a response to criticism of Microsoft's security practices, which allowed hackers from China to break into Exchange Online. A recent report from the US Cyber Safety Review Board (CSRB) highlighted the need to review the company's security culture.