Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions

Cybersecurity researchers discovered a misconfiguration in on-premise applications that allows NTLMv1 authentication despite Active Directory restrictions. This bypasses the Group Policy designed to disable NTLMv1, which is vulnerable to relay attacks and other security weaknesses. Organizations should enable audit logs, identify vulnerable applications, and keep systems up-to-date to mitigate this risk.