Network security: Allow LocalSystem NULL session fallbackID: oval:org.secpod.oval:def:8789 | Date: (C)2013-01-21 (M)2022-10-10 |
Class: COMPLIANCE | Family: windows |
The Network security: Allow LocalSystem NULL session fallback setting should be configured correctly.
Allow NTLM to fall back to NULL session when used with LocalSystem. The default is TRUE up to Windows Vista and FALSE in Windows 7.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Network security: Allow LocalSystem NULL session fallback
(2) KEY: HKLM\System\CurrentControlSet\Control\Lsa\MSV1_0\allownullsessionfallback
Platform: |
Microsoft Windows Server 2008 R2 |