This worklet can be used to remediate vulnerability found by Rapid7 -Weak LAN Manager hashing permitted.
We do it by adding a value in registry.
Evaluation Code:
Exit 1
Remediation Code
$path = ‘HKLM:\SYSTEM\CurrentControlSet\Control\Lsa’
$key = try {
Get-Item -Path $path -ErrorAction Stop
}
catch {
New-Item -Path $path -Force
}
New-ItemProperty -Path $key.PSPath -Name LMCompatibilityLevel -Value 5