Upgrade the CIFS authentication method- Windows

  • 2 December 2020
  • 0 replies
  • 3697 views

This worklet can be used to remediate vulnerability found by Rapid7 -Weak LAN Manager hashing permitted.

We do it by adding a value in registry.


Evaluation Code:



Exit 1



Remediation Code



$path = ‘HKLM:\SYSTEM\CurrentControlSet\Control\Lsa’


$key = try {
Get-Item -Path $path -ErrorAction Stop
}
catch {
New-Item -Path $path -Force
}

New-ItemProperty -Path $key.PSPath -Name LMCompatibilityLevel -Value 5


0 replies

Be the first to reply!

Reply