SMB Server Vulnerability

Vulnerability:

MS17-010: Security Update for Microsoft Windows SMB Server
 (4013389) (un-credentialed check)

Risk Level = High

Remediation:

Disable SMB v1.0
For client, operating systems:
1. Open Control Panel, click Programs, and then click Turn Windows features on or off.
2. In the Windows Features window, clear the SMB1.0/CIFS File Sharing Support checkbox, and then click OK to close the window.
3. Restart the system.
For server, operating systems:
1. Open Server Manager and then click the Manage menu and select Remove Roles and Features.
2. In the Features window, clear the SMB1.0/CIFS File Sharing Support check box, and then click OK to close the window.
3. Restart the system.

Comments

Post a Comment

Popular posts from this blog

Terminal Services Encryption Level Vulnerability

Vulnerability: Terminal Services Encryption Level is Medium or Low Risk Level = Medium Remediation: Set Encryption Level to High Computer Configuration\Policies\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security and can be configured by using either the Local Group Policy Editor or the Group Policy Management Console (GPMC) FIPS Use FIPS compliant algorithms for encryption, hashing, and signing Group Policy setting. This Group Policy setting is located in Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options and can be configured by using either the Local Group Policy Editor or the Group Policy Management Console (GPMC).
Read more

Terminal Services Encryption Level is not FIPS-140 Compliant Vulnerability

Vulnerability: Terminal Services Encryption Level is not FIPS-140 Compliant Risk Level = Medium Remediation: FIPS Use FIPS compliant algorithms for encryption, hashing, and signing Group Policy setting. This Group Policy setting is located in Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Security Options and can be configured by using either the Local Group Policy Editor or the Group Policy Management Console (GPMC).
Read more

Terminal Services Doesn't Use Network Level Authentication (NLA) Only

Vulnerability: Terminal Services Doesn't Use Network Level Authentication (NLA) Only Risk Level: Medium Remediation : To configure Network Level Authentication for a connection 1. On the RD Session Host server, open Remote Desktop Session Host Configuration. To open Remote Desktop Session Host Configuration, click Start, point to Administrative Tools, point to Remote Desktop Services, and then click Remote Desktop Session Host Configuration. 2. Under Connections, right-click the name of the connection, and then click Properties. 3. On the General tab, select the Allow connections only from computers running Remote Desktop with Network Level Authentication check box.
Read more