Password hash in Active Directory 2008 R2?


Based on my research it looks like 2008 R2 AD hashes passwords using MD4. That can’t be right…right? That is an ancient algorithm. If that is the case, what protections are in place for passwords in 2008 R2 AD?