Abstract: The Microsoft NTFS implementation has a backwards compatibility with older 16 bit applications. These apps could allow attackers to bypass access restrictions for longer file names. So the security recommendation for hardening an Microsoft Windows environment is often to disable that.
Disabling the NTFS 8.3 implementation is quite easy and can controlled by the following reg key:
Hive: HKEY_LOCAL_MACHINE
Path: System\CurrentControlSet\Control\FileSystem
Key: NtfsDisable8dot3NameCreation
Type: REG_DWORD
Value: 1
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem]
"NtfsDisable8dot3NameCreation"=dword:00000001
Once done a server reboot must be performed.
Note:
Existing files using the short name format will still be available to 32-bit programs, but all files created after this change is implemented will be unavailable to older 16-bit programs.
Cross References:
