SMB Administrator account without password

Description

It was possible to establish an SMB session using the Administrator account with a blank password.

Remediation

You need to limit local account use of blank passwords to console login only.

  • Click [Start], then [Run], type gpedit.msc and click [OK]
  • Navigate to Computer Configuration / Windows Settings / Security Settings / Local Policies / Security Options
  • Double-click Accounts: Limit local account use of blank passwords to console login only.
  • Select the radio button next to Enabled and click [OK]
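The same setting can be checked and applied from an elevated PowerShell prompt, which helps on hosts without gpedit.msc. This is an added example, not part of the original advisory; it assumes the policy is backed by the LimitBlankPasswordUse registry value under the Lsa key and that the Microsoft.PowerShell.LocalAccounts cmdlets (Windows PowerShell 5.1) are available.

```powershell
#Requires -RunAsAdministrator
# Added example: audit and (with -Apply) enable the blank-password restriction.
# Assumption: the policy named above is stored as the REG_DWORD value
# LimitBlankPasswordUse (1 = Enabled, 0 = Disabled) under the Lsa key.
[CmdletBinding()]
param(
    [switch]$Apply   # without -Apply the script only reports
)

$lsaKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$valueName = 'LimitBlankPasswordUse'

function Get-BlankPasswordPolicy {
    # Returns 1, 0, or $null when the value does not exist.
    $item = Get-ItemProperty -Path $lsaKey -Name $valueName -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return [int]$item.$valueName
}

$current = Get-BlankPasswordPolicy
if     ($null -eq $current) { $state = 'not set' }
elseif ($current -eq 1)     { $state = 'Enabled' }
else                        { $state = 'Disabled' }
Write-Output "Blank-password restriction: $state"

# Enabled local accounts that carry the "password not required" flag.
# The flag means a blank password is permitted, not that one is in use.
$flagged = Get-LocalUser | Where-Object { $_.Enabled -and -not $_.PasswordRequired }
foreach ($user in $flagged) {
    # The built-in Administrator always has a SID ending in -500.
    $builtin = $user.SID.Value -like 'S-1-5-21-*-500'
    Write-Output ("Password not required: {0} (built-in Administrator: {1})" -f $user.Name, $builtin)
}

if ($Apply -and $current -ne 1) {
    Set-ItemProperty -Path $lsaKey -Name $valueName -Value 1 -Type DWord
    Write-Output "Blank-password restriction is now: $(Get-BlankPasswordPolicy)"
}
```

On domain-joined machines a Group Policy Object that defines this setting takes precedence over the local value.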