The Server Message Block (SMB) v1 protocol is not disabled
Description
Server Message Block (SMB) is a network protocol used by Windows-based computers to provide files and printer sharing services between computers in a network. SMBv1 is a legacy protocol that uses the MD5 (Message Digest) algorithm, which is known to be vulnerable to a number of attacks. SMB is one of the primary attack vectors for the WannaCry ransomware attack of 2017. Therefore, it is advisable to disable SMB v1.
Severity
Critical
Category
Legacy Protocols
Resolution
Follow the below steps to resolve the misconfiguration.
Step 1: Open control panel
Step 2: Navigate to programs and features.
Step 3: Click on "Turn Windows features on or off.
Step 4: Disable "(Server Message Block) SMB v1"Step 5 : Click ok.
Potential issues that may arise after applying the resolution
Altering the existing security setting may create the following impact in your network operations. Legacy protocols are present to support operations of legacy applications and services. Disabling them would cause those applications to stop functioning.
Does remediation require reboot?
No
Vulnerability Manager Plus tracks security configurations and remediate misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.