Already in July, we reported that Windows 11 gets improved protection against so-called brute force attacks as standard. The Windows team is now testing the new specifications for the “SMB authentication rate limiter” with a new preview. This limiter regulates the number of attempted authentications within a certain time window.
Brute force attacks are one of the most common methods direct or remote access (RDP) hackers use to try to break into someone else’s PC system. Such attacks involve guessing the administrator’s username and password or using tools and scripts to enter them through trial and error until the right one is found. The attacker does this in the fastest possible sequence, but the limiter restricts these requests to the SMB server. This protects against brute force attacks.
New default settings
Microsoft has now announced that the new Insider Preview Build 25206 will introduce changes to the Dev Channel that will expand protection. In the build, the SMB authentication rate limiter is enabled by default. In addition, there are optimized settings so that attacks become less effective.
With today’s release of Windows 11 Insider Preview Build 25206 Dev Channel, the SMB Server service now defaults to a 2-second policy between each failed incoming NTLM authentication, said Ned Pyle, principal program manager at Microsoft Windows Server Engineering Group.
This means that an attacker who previously brute-forced 300 attempts per second from a client over a period of 5 minutes (90,000 passwords) now takes at least 50 hours for the same number of attempts. Once this feature is enabled, a delay is added between each failed NTLM authentication as additional protection for the SMB server service.
The goal is to make a Windows client an unattractive target, either in a workgroup or for its local accounts when joined to a domain, add Amanda Langowski and Brandon LeBlanc of the Windows Insider team
Digital marketing enthusiast and industry professional in Digital technologies, Technology News, Mobile phones, software, gadgets with vast experience in the tech industry, I have a keen interest in technology, News breaking.