CCE-42585-0Platform: cpe:/o:microsoft:windows_10 | Date: (C)2016-09-23 (M)2023-07-04 |
Disable: 'MSS: (AutoShareWks) Enable Administrative Shares (recommended except for highly secure environments)' for AutoShareWks
MSS: (AutoShareWks) Enable Administrative Shares (recommended except for highly secure environments)
Counter Measure:
Do not configure the MSS: (AutoShareWks) Enable Administrative Shares (not recommended except for highly secure environments) entry except on computers in highly secured environments where administrative shares are not required.
The possible values for this registry entry are:
? 1 or 0. The default configuration is disabled.
In the SCE UI, these options appear as:
? Enabled
? Disabled
? Not Defined
Potential Impact:
If you delete these shares you could cause problems for administrators and programs or services that rely on these shares. For example, both Microsoft Systems Management Server (SMS) and Microsoft Operations Manager require administrative shares for correct installation and operation. Also, many third-party network backup applications require administrative shares.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesMSS (Legacy)MSS: (AutoShareWks) Enable Administrative Shares (recommended except for highly secure environments)
(2) REG: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesLanmanServerParametersAutoShareWks
CCSS Severity: | CCSS Metrics: |
CCSS Score : 8.1 | Attack Vector: NETWORK |
Exploit Score: 2.2 | Attack Complexity: HIGH |
Impact Score: 5.9 | Privileges Required: NONE |
Severity: HIGH | User Interaction: NONE |
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| Confidentiality: HIGH |
| Integrity: HIGH |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35154 |