Network Level Authentication

Operation Monster Smash – Part 3: A Tale of Two Vulnerabilities

The Bluekeep Vulnerability is Now Compounded by Network Level Authentication (NLA) client-side attacker bypass Vulnerability. One of the remedies to the pre-auth RDP bug (pet-named Bluekeep) was to require users to enter RDP sessions with Network Level Authentication (NLA).  Those that can’t (or won’t) patch their systems, ran to NLA as a way to mitigate the…