-
-
Save ericlaw1979/1b7239ae22a9fe4ecf7c396255bff259 to your computer and use it in GitHub Desktop.
| Windows Registry Editor Version 5.00 | |
| [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] | |
| "180F"=dword:00000000 |
can this be used at HKCU - i have limited regedit rights on my org computer (and an IT team that I can't go to for help with anything )
Yes, HKEY_CURRENT_USER will work fine so long as there's not an entry that overrides it in HKLM.
Thank you it worked!
Warning, this exposes you to the risk of NTLM hash leaks: https://textslashplain.com/2019/10/09/navigating-to-file-urls/#:~:text=to%20Edge%2095%2B.-,What%E2%80%99s%20the%20Risk%3F,-The%20most%20obvious
You should disable NTLM over SMB to address that risk:
Set-SMbClientConfiguration -BlockNTLM $truefrom PowerShell. https://www.anoopcnair.com/windows-11-security-blocking-ntlm-over-smb/
It failed on Windows 10:
Set-SMbClientConfiguration -BlockNTLM $true
Set-SmbClientConfiguration : A parameter cannot be found that matches parameter name 'BlockNTLM'.
At line:1 char:28
- Set-SMbClientConfiguration -BlockNTLM $true
~~~~~~~~~~
- CategoryInfo : InvalidArgument: (:) [Set-SmbClientConfiguration], ParameterBindingException
- FullyQualifiedErrorId : NamedParameterNotFound,Set-SmbClientConfiguration
Is it the same if one configs it in Group Policy as shown below?
-
Run gpedit.msc
-
Navigate to: Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options
-
Double-click "Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers"
-
Set it to "Deny all"
Warning, this exposes you to the risk of NTLM hash leaks: https://textslashplain.com/2019/10/09/navigating-to-file-urls/#:~:text=to%20Edge%2095%2B.-,What%E2%80%99s%20the%20Risk%3F,-The%20most%20obvious
You should disable NTLM over SMB to address that risk:
Set-SMbClientConfiguration -BlockNTLM $truefrom PowerShell. https://www.anoopcnair.com/windows-11-security-blocking-ntlm-over-smb/