https://community.blueprism.com/t5/Product-Forum/10-May-2022-zero-day-vulnerability-in-the-Windows-Operating/m-p/90614#M40798 Hi Terry,<BR /><BR />Our <A href="https://bpdocs.blueprism.com/bp-7-1/en-us/installation/bp-enterprise/typical-bp-application-server.htm?Highlight=ntlm" target="_blank" rel="noopener">Application Server documentation</A> goes into some detail about how NTLM can be used in Blue Prism, but it is not a default setting.&nbsp;<BR /><BR />The <A href="https://bpdocs.blueprism.com/bp-7-1/en-us/Guides/authentication-server/auth-server-introduction.htm?Highlight=ldap" target="_blank" rel="noopener">Authentication Server documentation</A> describes how LDAP can be used in Blue Prism as well.<BR /><BR />As part of the Windows Update changes introduced in a January 11th patch that removed the default fail-over to use NTLM in lieu of Kerberos, Service Principal Names must be defined for Kerberos authentication as outlined in <A href="https://bpdocs.blueprism.com/bp-7-1/en-us/installation/bp-enterprise/spn-configuration.htm?Highlight=ntlm" target="_blank" rel="noopener">this documentation here</A>.<BR /><BR />------------------------------<BR />Steve Boggs<BR />Senior Product Support Engineer<BR />Blue Prism<BR />Austin, TX<BR />------------------------------<BR /> Mon, 20 Jun 2022 19:33:00 GMT steven.boggs 2022-06-20T19:33:00Z https://community.blueprism.com/t5/Product-Forum/10-May-2022-zero-day-vulnerability-in-the-Windows-Operating/m-p/90613#M40797 <P>On May 10th, 2022, a zero-day vulnerability was reported in the Windows Operating System which, when exploited, allows an attacker to authenticate to a domain controller. The attack targets the Windows Local Security Authority (LSA) and when combined with NTLM relay attacks, is considered highly effective. This vulnerability appears to have been re-introduced due to a Microsoft patch and is considered related to the PetitPotam NTLM attack which was first reported in August 2021.</P> <P>&nbsp;</P> <P>Does Blue Prism uses NTLM protocol?&nbsp; If so, can LDAP be used in place of NTLM for authentication.&nbsp; I believe this question applies to the Windows Server as well as the DB Server.&nbsp;</P><BR /><BR />------------------------------<BR />Terry Woods<BR />CEO<BR />RPA Implementation, Inc.<BR />America/Toronto<BR />------------------------------<BR /> Wed, 15 Jun 2022 14:04:00 GMT https://community.blueprism.com/t5/Product-Forum/10-May-2022-zero-day-vulnerability-in-the-Windows-Operating/m-p/90613#M40797 terry.woods_957 2022-06-15T14:04:00Z https://community.blueprism.com/t5/Product-Forum/10-May-2022-zero-day-vulnerability-in-the-Windows-Operating/m-p/90614#M40798 Hi Terry,<BR /><BR />Our <A href="https://bpdocs.blueprism.com/bp-7-1/en-us/installation/bp-enterprise/typical-bp-application-server.htm?Highlight=ntlm" target="_blank" rel="noopener">Application Server documentation</A> goes into some detail about how NTLM can be used in Blue Prism, but it is not a default setting.&nbsp;<BR /><BR />The <A href="https://bpdocs.blueprism.com/bp-7-1/en-us/Guides/authentication-server/auth-server-introduction.htm?Highlight=ldap" target="_blank" rel="noopener">Authentication Server documentation</A> describes how LDAP can be used in Blue Prism as well.<BR /><BR />As part of the Windows Update changes introduced in a January 11th patch that removed the default fail-over to use NTLM in lieu of Kerberos, Service Principal Names must be defined for Kerberos authentication as outlined in <A href="https://bpdocs.blueprism.com/bp-7-1/en-us/installation/bp-enterprise/spn-configuration.htm?Highlight=ntlm" target="_blank" rel="noopener">this documentation here</A>.<BR /><BR />------------------------------<BR />Steve Boggs<BR />Senior Product Support Engineer<BR />Blue Prism<BR />Austin, TX<BR />------------------------------<BR /> Mon, 20 Jun 2022 19:33:00 GMT https://community.blueprism.com/t5/Product-Forum/10-May-2022-zero-day-vulnerability-in-the-Windows-Operating/m-p/90614#M40798 steven.boggs 2022-06-20T19:33:00Z