```
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"180F"=dword:00000000
```
Thank you it worked!
Warning, this exposes you to the risk of NTLM hash leaks: https://textslashplain.com/2019/10/09/navigating-to-file-urls/#:~:text=to%20Edge%2095%2B.-,What%E2%80%99s%20the%20Risk%3F,-The%20most%20obvious
You should disable NTLM over SMB to address that risk:
`Set-SMbClientConfiguration -BlockNTLM $true` from PowerShell. https://www.anoopcnair.com/windows-11-security-blocking-ntlm-over-smb/
It failed on Windows 10:
```
Set-SMbClientConfiguration -BlockNTLM $true
Set-SmbClientConfiguration : A parameter cannot be found that matches parameter name 'BlockNTLM'.
At line:1 char:28
+ Set-SMbClientConfiguration -BlockNTLM $true
+                            ~~~~~~~~~~
    + CategoryInfo : InvalidArgument: (:) [Set-SmbClientConfiguration], ParameterBindingException
    + FullyQualifiedErrorId : NamedParameterNotFound,Set-SmbClientConfiguration
```
Is it the same if one configs it in Group Policy as shown below?
- Run gpedit.msc
- Navigate to: Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options
- Double-click "Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers"
- Set it to "Deny all"
Yes, HKEY_CURRENT_USER will work fine so long as there's not an entry that overrides it in HKLM.
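
A read-only PowerShell check for the settings discussed in this thread, added here as an example (it is not code from the gist or from any commenter). It reports the `180F` value in both hives, whether this build's `Set-SmbClientConfiguration` has `-BlockNTLM` at all, and the state of the outgoing-NTLM policy. Assumptions: `RestrictSendingNTLMTraffic` under `Lsa\MSV1_0` is the registry value behind that policy, `Get-SmbClientConfiguration` exposes a `BlockNTLM` property where the parameter exists, and `Get-RegValue` is a helper defined only for this example.

```powershell
# Added example: read-only audit, changes nothing on the machine.
function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

# 1. The value the .reg file sets (Internet zone = Zones\3), in both hives.
$zone = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'
$hklm180F = Get-RegValue "HKLM:\$zone" '180F'
$hkcu180F = Get-RegValue "HKCU:\$zone" '180F'

# 2. SMB client NTLM blocking. Older builds lack the parameter entirely
#    (the NamedParameterNotFound error quoted in the thread), so test for it.
$setCmd = Get-Command Set-SmbClientConfiguration -ErrorAction SilentlyContinue
$hasBlockNtlm = ($null -ne $setCmd) -and $setCmd.Parameters.ContainsKey('BlockNTLM')
$smbBlockNtlm = $null
if ($hasBlockNtlm) {
    $cfg = Get-SmbClientConfiguration -ErrorAction SilentlyContinue
    # Assumption: the Get- cmdlet exposes the setting under the same name.
    if ($cfg -and $cfg.PSObject.Properties['BlockNTLM']) {
        $smbBlockNtlm = [bool]$cfg.BlockNTLM
    }
}

# 3. Registry value behind "Restrict NTLM: Outgoing NTLM traffic to remote servers".
$lsa = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
$restrict = Get-RegValue $lsa 'RestrictSendingNTLMTraffic'
$names = @{ 0 = 'Allow all'; 1 = 'Audit all'; 2 = 'Deny all' }
$restrictText = 'Not configured'
if ($null -ne $restrict -and $names.ContainsKey([int]$restrict)) {
    $restrictText = $names[[int]$restrict]
}

# Summary: outbound NTLM counts as blocked if either control is enforcing.
[pscustomobject]@{
    Hklm180F              = $hklm180F
    Hkcu180F              = $hkcu180F
    BlockNtlmParamExists  = $hasBlockNtlm
    SmbClientBlockNtlm    = $smbBlockNtlm
    RestrictOutgoingNtlm  = $restrictText
    OutboundNtlmBlocked   = ($smbBlockNtlm -eq $true) -or ($restrict -eq 2)
} | Format-List
```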