Detections
Analytics

MS KB2871997: Update to Improve Credentials Protection and Management

info Nessus Plugin ID 73990

Language:

Synopsis

The remote Windows host is missing an update to improve credentials protection and management.

Description

The remote host is missing one or more of the following Microsoft updates: KB2871997, KB2973351, KB2975625, KB2982378, KB2984972, KB2984976, KB2984981, KB2973501, or KB3126593. These updates are needed to improve the protection against possible credential theft.

 - For Windows 7 / 2008 R2 :
 KB2984972, KB2871997, KB2982378, and KB2973351 are required; also, KB2984976 (if KB2592687 is installed) or KB2984981 (if KB2830477 is installed).

 - For Windows 8 / 2012 :
 KB2973501, KB2871997, and KB2973351 are required.

 - For Windows 8.1 / 2012 R2 :
 KB2973351 (if Update 1 is installed) or KB2975625 (if Update 1 isn't installed).

These updates provide additional protection for the Local Security Authority (LSA), add a restricted administrative mode for Credential Security Support Provider (CredSSP), introduce support for the protected account-restricted domain user category, enforce stricter authentication policies, add additional protection for users' credentials, and add a restricted administrative mode for Remote Desktop Connection and Remote Desktop Protocol.

Solution

Microsoft has released a set of patches for Windows 7, 2008 R2, 8, 2012, 8.1, and 2012 R2.

See Also

https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2016/2871997

Plugin Details

Severity: Info

ID: 73990

File Name: smb_kb2871997.nasl

Version: 1.15

Type: local

Agent: windows

Family: Windows

Published: 5/14/2014

Updated: 6/3/2021

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/Registry/Enumerated, SMB/WindowsVersion

Patch Publication Date: 5/13/2014

Vulnerability Publication Date: 5/13/2014

Reference Information

IAVA: 2016-A-0327-S

MSKB: 2871997