It is possible to log into the remote Windows host with a NULL session.
The remote host is running Microsoft Windows. It is possible to log into it using a NULL session (i.e., with no login or password). Depending on the configuration, it may be possible for an unauthenticated, remote attacker to leverage this issue to get information about the remote host.
Apply the following registry changes per the referenced Technet advisories : Set : - HKLM\SYSTEM\CurrentControlSet\Control\LSA\RestrictAnonymous=1 - HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\restrictnullsessaccess=1 Remove BROWSER from : - HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\NullSessionPipes Reboot once the registry changes are complete.