Nessus Windows Scan Not Performed with Admin Privileges

Info Nessus Plugin ID 24786


The Nessus scan of this host may be incomplete due to insufficient privileges provided.


The Nessus scanner testing the remote host has been given SMB credentials to log into the remote host, however these credentials do not have administrative privileges.

Typically, when Nessus performs a patch audit, it logs into the remote host and reads the version of the DLLs on the remote host to determine if a given patch has been applied or not. This is the method Microsoft recommends to determine if a patch has been applied.

If your Nessus scanner does not have administrative privileges when doing a scan, then Nessus has to fall back to perform a patch audit through the registry which may lead to false positives (especially when using third-party patch auditing tools) or to false negatives (not all patches can be detected through the registry).


Reconfigure your scanner to use credentials with administrative privileges.

Plugin Details

Severity: Info

ID: 24786

File Name: smb_scan_not_admin.nasl

Version: $Revision: 1.11 $

Type: local

Family: Settings

Published: 2007/03/12

Modified: 2013/01/07

Dependencies: 10394, 10150

Risk Information

Risk Factor: Info

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/name, SMB/login, SMB/password, SMB/transport

Excluded KB Items: SMB/not_windows