[jcifs] NTLM HTTP broken by Microsoft Security Update ?

Jim Davidson jdavidson at acm.org
Fri Apr 24 21:55:36 GMT 2009

This was alluded to in an earlier posting, but it sort of got lost in the 

Microsoft just released a cumulative security update for Internet Explorer, 
MS09-014.  We have installed it, and it seems to break jCIFS NTLM HTTP 

The failure occurs in the last step, SmbSession.logon().  The relevant 
information from the SmbAuthException is:
     0xC0000022: jcifs.smb.SmbAuthException: Access is denied.

An earlier clue is that type1.getSuppliedDomain() returns null, but that 
occurs in other cases.

Does this appear to be related to the update?  The problem does not happen 
in non-updated installations of IE.

The Microsoft docs talk about blocking "NTLM credential reflection attacks":

Does this mean that the technique used in the current NTLM HTTP filter has 
reached the end of its life?  :-(  Or maybe the failure was just 
coincidental...  Or maybe there's some magical re-configuration that I can 
do to make things work again?

Is anyone else seeing this?  Thanks for any help.


More information about the jcifs mailing list