Windows Server 2022 must prevent NTLM from falling back to a Null session.

An XCCDF Rule

Description

NTLM sessions that are allowed to fall back to Null (unauthenticated) sessions may gain unauthorized access.

ID: SV-254471r991589_rule
Version: WN22-SO-000270
Severity: Medium
References: CCI-000366
Updated: 6 days ago

Remediation Templates

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> Network security: Allow LocalSystem NULL session fallback to "Disabled".