A few days ago, Microsoft confirmed it had fixed a longstanding “65000” BitLocker encryption reporting error on Windows Intune. These types of issues can often affect a large number of systems as they are deployed on managed devices across enterprises.
Yesterday, Microsoft confirmed a new issue for Windows Server domain controllers (DCs) as it has cautioned that IT and system administrators may notice a large increase in NTLM authentication traffic. The tech giant has confirmed that this spike is caused as a result of a bug in the latest April 2024 Patch Tuesday (KB5036909) for Windows Servers, and it affects all Server OS versions, from 2008 all the way up to the latest Windows Server 2019 and 2022.
Windows NTLM, or New Technology LAN Manager, is a suite of security protocols that helps to authenticate and verify users’ identity, and it is something Microsoft wishes to eventually disable in Windows 11.
This NTLM traffic bug is in addition to the VPN connection issues that are also currently affecting Windows Server systems, alongside Windows 10 and 11.
As always, the bug was posted on the Windows health dashboard website, where Microsoft writes:
After installing the April 2024 security update (KB5036909) on domain controllers (DCs), you might notice a significant increase in NTLM authentication traffic. This issue is likely to affect organizations that have a very small percentage of primary domain controllers in their environment and high NTLM traffic.
Next steps: We are working on a resolution and will provide an update in an upcoming release.
Windows support:
Enterprise devices: Request help for your organization through Support for business.
Affected platforms:
Client: none
Server: Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, Windows Server 2008
Hence, like the vpn bug and broken profile pictures, Microsoft says a future update would resolve the NTLM issue.