This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.
The remote Windows host is missing an update to improve credentials
protection and management.
The remote host is missing one or more of the following Microsoft
updates: KB2871997, KB2973351, KB2975625, KB2982378, KB2984972,
KB2984976, KB2984981, KB2973501, or KB3126593. These updates are
needed to improve the protection against possible credential theft.
- For Windows 7 / 2008 R2 :
KB2984972, KB2871997, KB2982378, and KB2973351 are
KB2984976 (if KB2592687 is installed) or
KB2984981 (if KB2830477 is installed).
- For Windows 8 / 2012 :
KB2973501, KB2871997, and KB2973351 are required.
- For Windows 8.1 / 2012 R2 :
KB2973351 (if Update 1 is installed) or
KB2975625 (if Update 1 isn't installed).
These updates provide additional protection for the Local Security
Authority (LSA), add a restricted administrative mode for Credential
Security Support Provider (CredSSP), introduce support for the
protected account-restricted domain user category, enforce stricter
authentication policies, add additional protection for users'
credentials, and add a restricted administrative mode for Remote
Desktop Connection and Remote Desktop Protocol.
See also :
Microsoft has released a set of patches for Windows 7, 2008 R2, 8,
2012, 8.1, and 2012 R2.
Risk factor :
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now