| VID |
27097 |
| Severity |
10 |
| Port |
135 |
| Protocol |
TCP |
| Class |
WMI |
| Detailed Description |
You should check that there are unused account due to retirement or leave job, useless account, or suspicious account. Unmanaged and unnecessary accounts have not changed the password for a long time, so it is hard to recognize even if account information is leaked by brute force attack or password guessing attack.
* Platforms Affected:
Microsoft Windows Any version |
| Recommendation |
1. Start> Run> LUSRMGR.MSC> Users> Seletc an unnecessary user > Properties > Check an "Account is disabled" option
or remove it |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
