A newly uncovered security flaw in the Windows operating system can be exploited to coerce remote Windows servers to authenticate with a malicious destination. The issue, dubbed “PetitPotam,” was discovered by security researcher Gilles Lionel. Microsoft has since issued mitigations for the issue, while characterizing it as a “classic NTLM relay attack” Microsoft recommends that customers disable support for MS-EFSRPC, while disabling support for the protocol doesn’t stop the attack from functioning.
Source: https://thehackernews.com/2021/07/new-petitpotam-ntlm-relay-attack-lets.html