Although Microsoft has deprecated NTLM in favor of Kerberos, the risks of lingering NTLM usage are becoming more than theoretical – they’re active and ongoing. The recent disclosure and patching of CVE-2025-24054 by Microsoft is a clear reminder that NTLM-based authentication remains a highly exploitable vector, especially within SMB traffic.
CVE-2025-24054 is a hash disclosure vulnerability affecting Windows and Windows Server systems. It enables an attacker-controlled SMB server to trick a victim’s machine into responding with an NTLMv2 hash. Once obtained, this hash can be attacked offline by brute force, or relayed to other services for unauthorized access, which bypasses password cracking entirely.
What makes this vulnerability particularly dangerous is its simplicity: the target user doesn’t need to open or execute any file. Simply interacting with a malicious file – inspecting, selecting, or moving it – is enough to trigger the exploit.
While Microsoft has released patches for all supported Windows versions, legacy systems that remain unpatched or unsupported still pose significant exposure. And as long as NTLM remains enabled in an environment, attackers will have a path to lateral movement and credential misuse via man-in-the-middle techniques like relay attacks.
At Visuality Systems, we’ve long advocated for a shift toward modern, secure authentication mechanisms. Our SMB protocol libraries are designed with Kerberos support at their core, offering organizations a secure and standards-compliant path forward. We help eliminate NTLM dependencies in embedded systems, enterprise storage, industrial devices, and custom applications.
Transitioning from NTLM to Kerberos is not just a best practice; it’s an essential step in building a secure authentication infrastructure. CVE-2025-24054 is the latest example of why this shift cannot be delayed.
If your systems still rely on NTLM for SMB authentication, now is the time to assess, plan, and migrate. Visuality Systems’ software enables a secure, tested, and supported implementation of SMB with Kerberos, giving development teams the tools they need to protect against today’s threats, and tomorrow’s.
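
One way to start the assessment step, shown as an added example that is not from the original post or from Visuality Systems: it inventories successful NTLM logons from Windows Security event 4624 records, so the accounts and hosts that still depend on NTLM can be listed before migration. The JSON-lines export format, the sample records and the function names are assumptions constructed for illustration.

```python
import json
from collections import Counter

# Constructed sample records (not real logs): Security events exported as JSON
# lines, keeping only the 4624 EventData fields used below.
SAMPLE_EVENTS = """\
{"EventID": 4624, "TargetUserName": "svc-backup", "LogonType": 3, "AuthenticationPackageName": "NTLM", "LmPackageName": "NTLM V2", "WorkstationName": "NAS01", "IpAddress": "10.0.5.20"}
{"EventID": 4624, "TargetUserName": "alice", "LogonType": 3, "AuthenticationPackageName": "Kerberos", "LmPackageName": "-", "WorkstationName": "-", "IpAddress": "10.0.1.15"}
{"EventID": 4624, "TargetUserName": "svc-backup", "LogonType": 3, "AuthenticationPackageName": "NTLM", "LmPackageName": "NTLM V2", "WorkstationName": "NAS01", "IpAddress": "10.0.5.20"}
{"EventID": 4634, "TargetUserName": "alice", "LogonType": 3}
{"EventID": 4624, "TargetUserName": "scanner", "LogonType": 3, "AuthenticationPackageName": "NTLM", "LmPackageName": "NTLM V1", "WorkstationName": "PRN07", "IpAddress": "10.0.9.3"}
{"EventID": 4624, "TargetUserName": "trunc
"""

def ntlm_inventory(lines):
    """Count successful NTLM logons per (account, source host, source IP, NTLM version)."""
    counts = Counter()
    for line in lines.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or corrupt export lines
        if ev.get("EventID") != 4624:
            continue  # only successful logons
        if str(ev.get("AuthenticationPackageName", "")).upper() != "NTLM":
            continue  # Kerberos and other packages are not part of the inventory
        key = (ev.get("TargetUserName", "?"), ev.get("WorkstationName", "?"),
               ev.get("IpAddress", "?"), ev.get("LmPackageName", "?"))
        counts[key] += 1
    return counts

def report(counts):
    """Format the inventory, busiest NTLM dependency first; NTLMv1 users are flagged."""
    rows = []
    for (user, host, ip, ver), n in counts.most_common():
        flag = "  <-- NTLMv1, fix first" if ver == "NTLM V1" else ""
        rows.append(f"{n:>4}  {user:<12} {host:<8} {ip:<12} {ver}{flag}")
    return rows

if __name__ == "__main__":
    print("\n".join(report(ntlm_inventory(SAMPLE_EVENTS))))
```

Each row is an account and source host pair that would lose access if NTLM were disabled today, which makes the output a working list for the migration plan.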
Leave NTLM behind. Secure your file sharing with Visuality Systems – The SMB Protocol Experts.
Raphael Barki, Head of Marketing, Visuality Systems