Windows 11 to Deprive NTLM, Integrate AI-Driven App Controls, and Bolster Security Defenses

  • Microsoft announces plans to phase out NT LAN Manager (NTLM) in Windows 11, enhancing user authentication protocols.
  • Security enhancements include default Local Security Authority (LSA) protection, virtualization-based security (VBS) for Windows Hello, and AI-powered Smart App Control.
  • Introduction of Trusted Signing simplifies app certification process, bolstering overall app security.
  • Additional security measures include Win32 app isolation, curbing admin privilege abuse, and provision of VBS enclaves for third-party developers.
  • Microsoft’s Secure Future Initiative (SFI) underscores commitment to prioritize security, with accountability placed on senior leadership.
  • Zero Trust Domain Name System (ZTDNS) introduced to enable strict network access policies for Windows devices.
  • Google advocates for multi-vendor strategies and open standards to mitigate security risks.

Main AI News:

In a strategic move aimed at fortifying the security landscape of its widely-utilized desktop operating system, Microsoft has officially disclosed its intention to phase out NT LAN Manager (NTLM) in Windows 11 during the latter half of the year. This pivotal decision comes hand in hand with a series of robust security enhancements announced by the tech giant.

Acknowledging the persistent call from the security community, Microsoft emphasized that sunsetting NTLM will significantly enhance user authentication protocols. The deprecation timeline is set for the second half of 2024, aligning with the company’s proactive security roadmap.

Initiating the transition away from NTLM towards Kerberos for authentication, originally declared in October 2023, underscores Microsoft’s commitment to addressing vulnerabilities inherent in NTLM. Notably, NTLM’s susceptibility to relay attacks, notably exploited by the Russia-linked APT28 actor via Microsoft Outlook zero-day flaws, underscores the urgency of this shift.

Among the forthcoming security upgrades in Windows 11, pivotal highlights include default activation of Local Security Authority (LSA) protection for new consumer devices, leveraging virtualization-based security (VBS) to fortify Windows Hello technology, and the evolution of Smart App Control through the integration of an AI-powered model. This upgraded version of Smart App Control ensures vigilant monitoring of application integrity, thereby thwarting the execution of untrusted or unsigned applications, including potential malware.

Supplementing Smart App Control, Microsoft introduces Trusted Signing, a comprehensive end-to-end solution designed to streamline the app certification process for developers. Trusted Signing empowers developers to securely sign their applications, simplifying the authentication process and bolstering overall app security.

Additionally, Windows 11 introduces a suite of security enhancements aimed at mitigating potential threats, such as Win32 app isolation to contain damage from application compromises, stringent controls to curb admin privilege abuse, and the provision of VBS enclaves for third-party developers to establish trusted execution environments.

In response to evolving cybersecurity paradigms, Microsoft unveils its commitment to prioritizing security through its Secure Future Initiative (SFI). This initiative signifies a paradigm shift, placing security at the forefront of Microsoft’s agenda, with senior leadership being held directly accountable for achieving cybersecurity objectives.

Moreover, in light of recent security breaches within its Exchange Online environment, Microsoft is instituting sweeping changes to augment its security posture. These measures include adopting a Zero Trust Domain Name System (ZTDNS) to enable commercial customers to enforce stringent network access policies, thereby confining Windows devices to approved network destinations.

As the cybersecurity landscape continues to evolve, stakeholders across the tech industry are advocating for a paradigm shift towards secure-by-design principles. Google echoes this sentiment, emphasizing the imperative for governments to embrace multi-vendor strategies and promote open standards to mitigate security risks associated with vendor monoculture.


Microsoft’s strategic pivot towards enhancing security measures in Windows 11 marks a significant milestone in the company’s ongoing commitment to fortifying its operating systems against emerging threats, underscoring the imperative for proactive security measures in today’s digital landscape.