SMB Administrator account without password

Description
  • It was possible to establish an SMB session using the Administrator account with a blank password.
Remediation
  • You need to limit local account use of blank passwords to console login only.

    • Click [Start], then [Run], type gpedit.msc and click [OK]
    • Navigate to Computer Configuration / Windows Settings / Security Settings / Local Policies / Security Options
    • Double-click Accounts: Limit local account use of blank passwords to console login only.
    • Select the radio button next to Enabled and click [OK]
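
The same setting can be audited and applied from an elevated Windows PowerShell prompt. This is an added example, not part of the original advisory; the function names and the -Enforce switch are chosen here for illustration, and the script relies on the policy being stored as the LimitBlankPasswordUse DWORD under the Lsa registry key and on the built-in LocalAccounts cmdlets.

```powershell
# Added example: audit (and optionally enforce) the blank-password policy from
# the steps above. Run in an elevated Windows PowerShell session.
param([switch]$Enforce)   # -Enforce is a switch name chosen for this example

# Registry value behind the Security Options entry: 1 = Enabled, 0 = Disabled.
$LsaKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$ValueName = 'LimitBlankPasswordUse'

function Get-BlankPasswordLimit {
    # Returns 0 or 1, or $null when the value is not present in the registry.
    $prop = Get-ItemProperty -Path $LsaKey -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return $null }
    [int]$prop.$ValueName
}

function Set-BlankPasswordLimit {
    # Writes the "Enabled" state; -Force overwrites an existing value.
    New-ItemProperty -Path $LsaKey -Name $ValueName -Value 1 `
        -PropertyType DWord -Force | Out-Null
}

$current = Get-BlankPasswordLimit
if ($current -eq 1) {
    Write-Output 'OK: blank passwords are limited to console login.'
} elseif ($null -eq $current) {
    Write-Warning "$ValueName is not set explicitly on this host."
} else {
    Write-Warning 'Blank-password accounts can be used over the network (SMB).'
}

if ($Enforce -and $current -ne 1) {
    Set-BlankPasswordLimit
    Write-Output "$ValueName is now $(Get-BlankPasswordLimit)."
}

# Enabled local accounts that are allowed to have no password. The flag shows
# that a blank password is permitted, not that one is currently set.
Get-LocalUser |
    Where-Object { $_.Enabled -and -not $_.PasswordRequired } |
    Select-Object Name, SID
```

On domain-joined hosts, a Group Policy Object that defines this option overwrites the local value at the next policy refresh, so make the change in that GPO instead.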