VID 27023
Severity 20
Port 139
Protocol TCP
Class SMB
Detailed Description The user's password is expired. If the user has not logged on recently, consider deleting or disabling the account. Accounts that are rarely logged on to have passwords that are not often changed, and may create unauthorized access opportunities for an attacker.

False Positives: If this account is legitimate, then this condition does not indicate a vulnerability.

If the user account is legitimate, then the user will have to change the password the next time they log in. If the account is not legitimate or is unneeded, remove the account by disabling or deleting it.
Disable the user account if it may be needed at a later time.

* References:
http://www.iss.net/security_center/static/1306.php

* Platforms Affected:
Microsoft Windows Any version
Recommendation To disable the account, follow the steps below appropriate for your platform.

In Windows NT:
1. Open User Manager. (From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.)
2. Select the user from the list.
3. From the User menu, select Properties to display the User Properties dialog box.
4. Select the Account Disabled check box.
5. Click OK.

For a Windows 2000 domain:
1. Start Active Directory Users and Computers Management Console (dsa.msc).
2. Look for the user of interest in the domain; the default folder to look in is Users.
3. Open the Properties page for the user of interest.
4. Select the Account Tab.
5. Ensure the "Account is disabled" option under Account Options is checked.

For stand-alone Windows 2000 machines:
1. On the computer of interest, start Local Users and Groups Management Console (lusrmgr.msc).
2. Open the User folder.
3. Select the User of interest.
4. Open the Properties page for the user.
5. Select the General Tab.
6. Ensure the "Account is disabled" option is checked.

For Windows XP, 2003, Vista, 7, 2008, 8, 2012, 10, 2016, 2019:
1. From the Start menu, select Run, and then execute lusrmgr.msc.
2. Open [Local Users and Groups] -> [Users] folder and select the User.
3. Select the 'Properties' menu for the user.
4. Select the 'General' Tab.
5. Check the "Account is disabled" check box.

To delete (permanently remove) a user account, follow the steps below appropriate for your platform.

In Windows NT:
1. Open User Manager. (From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.)
2. Select the user account to be removed.
3. Press Delete and confirm the delete action.

For a Windows 2000 domain:
1. Start Active Directory Users and Computers Management Console (dsa.msc).
2. Look for the user of interest in the domain; the default folder to look in is Users.
3. Select the user of interest.
4. Right-click the user entry.
5. Select Delete, and confirm.

For stand-alone Windows 2000 machines:
1. On the computer of interest, start Local Users and Groups Management Console (lusrmgr.msc).
2. Open the User folder.
3. Select the User of interest.
4. Right-click the user entry.
5. Select Delete, and confirm.

For Windows XP, 2003, Vista, 7, 2008, 8, 2012, 10, 2016, 2019:
1. From the Start menu, select Run, and then execute lusrmgr.msc.
2. Open [Local Users and Groups] -> [Users] folder and select the User.
3. Right-click the user entry.
4. Select Delete, and confirm.
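
The check and the disable step for local accounts can also be scripted. The following is an added example, not part of the original advisory: it lists enabled local accounts whose password has expired, flags those with no recent logon, and disables the flagged ones only when asked. It assumes Windows 10 / Server 2016 or later (where the Microsoft.PowerShell.LocalAccounts cmdlets exist) and an elevated session; the `$StaleDays` threshold of 90 days and the `-Disable` switch are assumptions of this example, and domain accounts are not covered.

```powershell
# Added example: audit local accounts with expired passwords.
# Run as a script file, e.g. .\Audit-ExpiredPasswords.ps1 -StaleDays 90 -Disable
param(
    [int]$StaleDays = 90,   # assumed meaning of "not logged on recently"
    [switch]$Disable        # without this switch the script only reports
)

$now    = Get-Date
$cutoff = $now.AddDays(-$StaleDays)

# Enabled local accounts whose password expiry date has passed.
# PasswordExpires is $null for accounts set to "Password never expires",
# so those are skipped by the first test.
$expired = Get-LocalUser | Where-Object {
    $_.Enabled -and $_.PasswordExpires -and $_.PasswordExpires -lt $now
}

$report = foreach ($u in $expired) {
    # LastLogon is $null when the account has never logged on locally;
    # treat that the same as a logon older than the cutoff.
    $stale = (-not $u.LastLogon) -or ($u.LastLogon -lt $cutoff)
    [pscustomobject]@{
        Name            = $u.Name
        PasswordExpires = $u.PasswordExpires
        LastLogon       = $u.LastLogon
        Stale           = $stale
    }
}

# Review this list first: a legitimate account only needs a password change
# at the next logon and should not be disabled.
$report | Sort-Object Stale, Name | Format-Table -AutoSize

if ($Disable) {
    # Disable (not delete) so the account can be re-enabled if needed later.
    # -Confirm prompts once per account before any change is made.
    $report | Where-Object Stale | ForEach-Object {
        Disable-LocalUser -Name $_.Name -Confirm
    }
}
```

Permanent removal, once an account is confirmed unneeded, uses `Remove-LocalUser -Name <name>` from the same module.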