| VID |
28349 |
| Severity |
40 |
| Port |
135 |
| Protocol |
TCP |
| Class |
WMI |
| Detailed Description |
Disable the Autologon feature because the Autologon feature could allow an intruder to use a hacking tool to verify the login account and password in the registry.
*Autologon: The ability to automatically log in using alternate credentials stored encrypted in the registry.
* Platforms Affected:
Windows Any version |
| Recommendation |
1. Start > Run > REGEDIT >
HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon
2. Set 'AutoAdminLogon Value' to '0'
3. Delete the DefaultPassword entry if it exists |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
