538d811a-0a0a-4336-8294-63bc2c092ebb
The default Guest account allows unauthenticated network users to log on as a Guest with no password. These unauthorized users could access any resources that are accessible to the Guest account over the network. This capability means that any shared folders with permissions that allow access to the Guest account, the Guests group, or the Everyone group are accessible over the network, which could lead to the exposure or corruption of data. It is best practice to disable the local Guest account.
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status
https://www.stigviewer.com/stig/windows_server_20122012_r2_domain_controller/2019-01-16/finding/V-1113
To fix this, configure the policy value for
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ Security Options
|_ Accounts: Guest account status to "Disabled".
More info: https://www.isunshare.com/windows-8/3-ways-to-disable-guest-account-on-windows-8-8.1.html
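The same setting can be audited and corrected from an elevated PowerShell session. The script below is an added example, not part of the original finding text; its function names are hypothetical. It assumes a workstation or member server with Windows PowerShell 5.1 or later, and it locates the account by its well-known RID 501 so that a renamed Guest account is still found.

```powershell
# Added example: audit and remediate the built-in Guest account.
# Assumes an elevated session and the Microsoft.PowerShell.LocalAccounts module.
# Domain controllers have no local accounts; there Guest is a domain account.

function Get-BuiltinGuest {
    # The built-in Guest account keeps RID 501 even when it has been renamed.
    Get-LocalUser | Where-Object { $_.SID.Value -match '^S-1-5-21-.*-501$' }
}

function Test-GuestDisabled {
    $guest = Get-BuiltinGuest
    if (-not $guest) { throw 'Built-in Guest account (RID 501) not found.' }
    [pscustomobject]@{
        Name      = $guest.Name
        SID       = $guest.SID.Value
        Enabled   = $guest.Enabled
        Compliant = -not $guest.Enabled
    }
}

function Test-GuestPolicy {
    # Cross-check the exported security policy:
    # "EnableGuestAccount = 0" corresponds to Guest account status "Disabled".
    $cfg = Join-Path $env:TEMP "secpol-$([guid]::NewGuid()).inf"
    try {
        secedit /export /cfg $cfg /areas SECURITYPOLICY | Out-Null
        $hit = Get-Content -Path $cfg |
            Select-String -Pattern '^\s*EnableGuestAccount\s*=\s*(\d)' |
            Select-Object -First 1
        if (-not $hit) { return $null }   # setting not present in the export
        return $hit.Matches[0].Groups[1].Value -eq '0'
    } finally {
        Remove-Item $cfg -ErrorAction SilentlyContinue
    }
}

$status = Test-GuestDisabled
$status
if (-not $status.Compliant) {
    # Remediate, then re-read the account to confirm the change took effect.
    Get-BuiltinGuest | Disable-LocalUser
    Test-GuestDisabled
}
"Policy reports Guest disabled: $(Test-GuestPolicy)"
```

If a Group Policy Object sets the value, change it in the GPO as well; otherwise the next policy refresh reapplies the GPO's setting.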
STIG: Server
2022: https://www.stigviewer.com/stig/microsoft_windows_server_2022/2022-08-25/finding/V-254445
2019: https://www.stigviewer.com/stig/microsoft_windows_server_2019/2021-08-18/finding/V-205709 / https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93497
2016: https://www.stigviewer.com/stig/microsoft_windows_server_2016/2022-03-01/finding/V-225024 / https://www.stigviewer.com/stig/windows_server_2016/2019-01-16/finding/V-73809
Desktop:
W11: https://www.stigviewer.com/stig/microsoft_windows_11/2022-06-24/finding/V-253436
W10: https://www.stigviewer.com/stig/microsoft_windows_10/2022-04-08/finding/V-220909 / https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220909
NIST 800-53: IA-8
DISA CAT: II
CCI: CCI-000804
STIG Rule-ID: SV-220909r569187_rule
STIG-ID: WN10-SO-000010
STIG-Legacy: SV-78101, V-63611
STIG Vuln-ID: V-220909