Your Session Key is My Session Key: How to Retrieve the Session Key for Any Authentication

Microsoft NTLM Security Advisory

As announced in our recent security advisory, Preempt researchers discovered a critical vulnerability which allows attackers to retrieve the session key for any NTLM authentication and establish a signed session against any server. Any domain environment which does not entirely block NTLM traffic is vulnerable.