Microsoft released a Security Advisory warning of the NTLM Relay Attack, PetitPotam. These attacks target Windows domain controllers and other Windows servers. Environments using Active Directory Certificate Services (AD CS) are vulnerable if also using Certificate Authority Web Enrollment or Certificate Enrollment Web Service. According to industry experts, no authentication or credentials are needed to gain domain admin access making this attack extremely dangerous.
Additionally, it is recommended that NTLM authentication is disabled (NTLM is enabled by default) immediately where possible.
