Solved

Windows server 2008 R2 vulnerability CWDIllegalInDllSearch registry modification

Posted on 2016-08-22
3
102 Views
Last Modified: 2016-09-20
I have this vulnerability, and I do know I have to modify the registry in the server, but specifically I don't know how  do I need to reference the TCP port 445 on the DWORD value:
So please can anybody help me to achieve this modification please?
 
"ntdll.dll has been upgraded by KB2264107 or a related, subsequent update, but the following registry entry has not been set : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\CWDIllegalInDllSearch Port: cifs (445/tcp)"
0
Comment
Question by:Apolo Victores
3 Comments
 
LVL 78

Accepted Solution

by:
David Johnson, CD, MVP earned 500 total points
ID: 41766330
Microsoft has a fixit and an explanation @ https://support.microsoft.com/en-ca/kb/2264107
This was fixed in an optional update https://support.microsoft.com/en-us/kb/2533623
This is an ancient vulnerability that was resolved in 2010
0
 

Author Comment

by:Apolo Victores
ID: 41766879
Thanks Mr. Johnson!, I wonder  if applying the update (KB2533623) on the server will fix this vulnerability for the 445 tcp port?¡
0
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 41806177
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I have recommended this question be closed as follows:

Accept: David Johnson CD MVP (https:#a41766330)

If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.

seth2740
Experts-Exchange Cleanup Volunteer
0

Featured Post

Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now