How to Protect Your Windows NTLM Credentials from Zero Day Threats
Summary
NTLM (NT LAN Manager) is an authentication method used by Windows systems, but it is not secure, as it discloses password hashes and leaves users vulnerable to cyberattacks.
In April 2025, a security blog warned of a zero-day vulnerability tracked as CVE-2025-24054 that exposed NTLM password hashes to attackers in government and enterprise settings in Poland and Romania.
Attackers used man-in-the-middle techniques including pass-the-hash, rainbow table and relay attacks, aiming to steal administrator privileges.
To secure systems and protect passwords, it is recommended to disable NTLM, particularly over SMB, and switch to the NTLMv2 protocol; alternatively, enable cloud-delivered protection and multi-factor authentication.
Other advice includes checking for and installing the latest security patches and updates, backing up the registry and using PowerShell to disable NTLM over SMB.
Overall, it is important to be vigilant against cyber threats and to take proactive measures to protect passwords and systems.
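
The registry backup and PowerShell hardening steps mentioned above could look like the following script. It is an added example, not code from the original article. The backup directory is an assumed path, and the SMB `-BlockNTLM` setting is only applied where the SMB client supports it (Windows 11 24H2 / Windows Server 2025).

```powershell
#Requires -RunAsAdministrator
# Added example: back up the LSA key, then apply NTLM hardening. Run with -WhatIf first.
[CmdletBinding(SupportsShouldProcess)]
param(
    # Assumed backup location; change as needed.
    [string]$BackupDir = "$env:SystemDrive\RegBackup"
)

$lsa   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$msv10 = Join-Path $lsa 'MSV1_0'

# 1. Back up the registry key that holds the NTLM settings before touching it.
if ($PSCmdlet.ShouldProcess($lsa, 'Export registry backup')) {
    New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
    $file = Join-Path $BackupDir ("Lsa-{0:yyyyMMdd-HHmmss}.reg" -f (Get-Date))
    & reg.exe export 'HKLM\SYSTEM\CurrentControlSet\Control\Lsa' $file /y | Out-Null
    if ($LASTEXITCODE -ne 0) { throw 'Registry export failed; no changes made.' }
    Write-Host "Backup written to $file"
}

# 2. Record the current state so the change can be reviewed and reverted.
$before = [pscustomobject]@{
    LmCompatibilityLevel       = (Get-ItemProperty $lsa -Name LmCompatibilityLevel -ErrorAction SilentlyContinue).LmCompatibilityLevel
    RestrictSendingNTLMTraffic = (Get-ItemProperty $msv10 -Name RestrictSendingNTLMTraffic -ErrorAction SilentlyContinue).RestrictSendingNTLMTraffic
}
$before | Format-List

# 3. Send NTLMv2 responses only (5 = refuse LM and NTLMv1).
if ($PSCmdlet.ShouldProcess("$lsa\LmCompatibilityLevel", 'Set to 5')) {
    Set-ItemProperty -Path $lsa -Name LmCompatibilityLevel -Value 5 -Type DWord
}

# 4. Block NTLM for outbound SMB connections where the client supports it.
$cmd = Get-Command Set-SmbClientConfiguration -ErrorAction SilentlyContinue
if ($cmd -and $cmd.Parameters.ContainsKey('BlockNTLM')) {
    if ($PSCmdlet.ShouldProcess('SMB client', 'Block NTLM')) {
        # -Force suppresses the interactive confirmation prompt.
        Set-SmbClientConfiguration -BlockNTLM $true -Force
    }
} else {
    Write-Warning 'This SMB client has no BlockNTLM setting; use the "Restrict NTLM" Group Policy settings, starting in audit mode.'
}
```

Blocking NTLM breaks connections to SMB servers that cannot negotiate Kerberos, so review the recorded state and test on a small group of machines before a wider rollout.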