Microsoft Windows SMB Registry : Autologon Enabled

High Nessus Plugin ID 10412


Anyone can logon to the remote system.


This script determines whether the autologon feature is enabled. This feature allows an intruder to log into the remote host as DefaultUserName with the password DefaultPassword.


Delete the keys AutoAdminLogon and DefaultPassword under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

See Also

Plugin Details

Severity: High

ID: 10412

File Name: smb_reg_autologon.nasl

Version: $Revision: 1.34 $

Type: local

Agent: windows

Family: Windows

Published: 2000/05/20

Modified: 2016/12/09

Dependencies: 10400, 10150, 10394

Risk Information

Risk Factor: High


Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: SMB/transport, SMB/name, SMB/login, SMB/password, SMB/registry_access