Microsoft Releases Guidance for Mitigating PetitPotam NTLM Relay Attacks

Original release date: July 27, 2021

On July 23, Microsoft released KB5005413: Mitigating NTLM Relay Attacks on Active Directory Certificate Services (AD CS) to address a NTLM Relay Attack named PetitPotam. CISA encourages users and administrators to review KB5005413 and apply the necessary mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.