Microsoft fixed NTLM proxing vulnerability: credentials used for one services could be forwardedto different one. Attack is known for many years as NTLM weakness.
vulners.com/securityvulns/securityvulns:doc:20853
vulners.com/securityvulns/securityvulns:doc:26225
vulners.com/securityvulns/securityvulns:doc:26226