Monday, May 15, 2017

chef-windows-hardening 0.9.0 is released

DevSec Hardening Framework project is releasing a new minor release chef-windows-hardening today.

The release introduces the, always, disabling of SMB1 protocol on Windows operating systems.

Note: This resource was introduced in the wake of the WannaCrypt/WannaCry ransomware worm which exploits a known vulnerability in the SMBv1 protocol

Highlights and breaking changes:

  • Enforce the disabling of SMBv1 on all versions of Windows, regardless of installation or whether the feature is enabled (e.g. Windows 2016)

New attributes: - ['windows_hardening']['smbv1']['disable'] allows the disabling/enabling of the enforcement of disabling SMBv1

We are looking forward to get your feedback via GitHub issues or Gitter chatroom. And you can follow us on Twitter.