NET-NTLM v1 Security Update Advisory

Feb 05 2026

Overview

The use of the vulnerable NET-NTLM v1 protocol has been confirmed on many devices in Korea, and it is recommended to change to an alternative protocol such as NET-NTLM v2 and disable NET-NTLM v1. [1] [2]

description

NET-NTLM v1 is vulnerable due to the use of a weak cryptographic algorithm (DES) and hash (MD4), the use of a fixed challenge value on the server, and the lack of authentication procedures between the server and the user [1]

Affected Products

NET-NTLM v1

resolved Products

NET-NTLM v2

references

[1] Security Guidelines for NTLMv1 and LM Network Authentication

https://support.microsoft.com/ko-kr/topic/ntlmv1-%EB%B0%8F-lm-%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC-%EC%9D%B8%EC%A6%9D%EC%97%90-%EB%8C%80%ED%95%9C-%EB%B3%B4%EC%95%88-%EC%A7%80%EC%B9%A8-da2168b6-4a31-0088-fb03-f081acde6e73

[2] Enable NTLM v2 Authentication

https://learn.microsoft.com/ko-kr/troubleshoot/windows-client/windows-security/enable-ntlm-2-authentication

NET-NTLM v1 Security Update Advisory

SolarWinds Product Security Update Advisory

IBM Product Security Update Advisory (CVE-2025-13379)

Tags:

SolarWinds Product Security Update Advisory

IBM Product Security Update Advisory (CVE-2025-13379)