In a number of articles in 2022, Microsoft disclose that SMB Authentications Rate Limiter is now available by default in Windows Insider, which will increase security from attackers trying to gain access to the SMB Server.
Now regarding this matter too, it was recently reported that Microsoft would shut down or disabled by default SMB Guest Authentications with the intention of improving security as well, and said Microsoft’s Principal Program Manager Ned Pyle, this has been implemented in Windows 11 Pro with Insider Preview builds 25267 and 25276 as part of the security enhancements.
The reason Microsoft enforced this change is because guest authentications does not support path audits and such security mechanisms fingerprinting and certificate, which of course is an interesting attack vector for this type of attack man in the middle attack, and even with it can be exploited in server scenarios, also in the worst case scenario, Microsoft said that actor threats it can use the guest logon to read or copy access to the entire network of users without leaving any audit trails.
This is of course a good thing if it is meant to increase security, and what do you think, guys? comment below.
Oh yes, you can see about this on the Microsoft page following.
Please wait 180 seconds or 3 minutes, the secret code will immediately appear under the countdown