Microsoft has announced that it will expand the anti-brute force mechanism for Windows 11 to all other operating systems.
Microsoft said that IT administrators may now configure their systems to automatically block these kinds of attacks against local admin accounts through a group policy.
"We are implementing account lockouts for Administrator accounts in an effort to prevent future brute force attacks/attempts," Microsoft said. "Beginning with the October 11, 2022 or later Windows cumulative updates, a local policy will be available to enable local administrator account lockouts."
Testing the features with Windows 11
Microsoft introduced the changes in late September, enabling them by default in Insider Preview Build 25206. A couple of other methods have also been tweaked to make these attacks less effective.
At the time, "the SMB server service has now set a two-second default between each failed inbound NTLM authentication," said Ned Pyle, the principal program manager for the Microsoft Windows Server engineering group.
"This means that if an attacker received 300 brute force attempts per second from a client for 5 minutes (90,000 passwords), the same number of attempts would now take 50 hours at a minimum," Pyle added.
With the feature turned on, there is a delay between consecutive failed attempts, resulting in a better response to brute-force attacks.
IT administrators should look under Local Computer Policy > Windows Settings > Security Settings > Account Lockout Policies for the "Allow Administrator account lockout" policy.
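To confirm what a machine actually enforces after the policy is set, the following added example (not from Microsoft or the original article) exports the local security policy with `secedit` and reports the lockout settings. It assumes an elevated PowerShell prompt and that the export uses the key names `LockoutBadCount`, `LockoutDuration`, `ResetLockoutCount` and `AllowAdministratorLockout`; the last is expected only on systems with the October 11, 2022 or later cumulative update and is reported as not set when absent.

```powershell
# Added example: audit local account lockout settings (run elevated).
# Key names below are assumed to match what secedit writes to its export file.
$cfg = Join-Path $env:TEMP ("secpol-{0}.inf" -f [guid]::NewGuid())
try {
    # Export only the security policy area, which holds the lockout settings.
    secedit.exe /export /cfg $cfg /areas SECURITYPOLICY /quiet
    if ($LASTEXITCODE -ne 0) {
        throw "secedit export failed with exit code $LASTEXITCODE"
    }

    # Parse "Name = Value" lines into a lookup table.
    $policy = @{}
    foreach ($line in Get-Content -Path $cfg) {
        if ($line -match '^\s*(\w+)\s*=\s*(.*?)\s*$') {
            $policy[$Matches[1]] = $Matches[2]
        }
    }
}
finally {
    # The export contains policy details; do not leave it in TEMP.
    Remove-Item -Path $cfg -ErrorAction SilentlyContinue
}

# A missing key casts to 0, which is also the "never lock out" value.
$threshold = [int]$policy['LockoutBadCount']
$adminLockout = $policy['AllowAdministratorLockout']

[pscustomobject]@{
    LockoutThreshold          = $threshold
    LockoutDurationMinutes    = $policy['LockoutDuration']
    ResetCounterAfterMinutes  = $policy['ResetLockoutCount']
    AllowAdministratorLockout = if ($null -eq $adminLockout) { 'not set' } else { $adminLockout }
}

if ($adminLockout -ne '1') {
    Write-Warning 'Allow Administrator account lockout is not enabled on this machine.'
}
if ($threshold -eq 0) {
    # With a threshold of 0 no account is ever locked out,
    # so enabling the Administrator policy alone changes nothing.
    Write-Warning 'Account lockout threshold is 0: failed logons never trigger a lockout.'
}
```

On domain-joined machines the effective values can come from domain Group Policy rather than the local policy editor, so compare the output against what the domain is expected to push.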
Microsoft also changed how all local admin passwords are created, requiring at least three of the four basic character types: lower case, upper case, numbers, and symbols.
Via BleepingComputer