Administrative Shares

All Windows computers have administrative shares, \\machinename\driveletter$ enabled, especially when they are part of a domain.

JSA Vulnerability Manager uses administrative shares to detect vulnerabilities on the following limited set of applications:

• Mozilla Firefox

• Mozilla Thunderbird

• Java FX

• Apache Archiva

• Apache Continuum

• Google ChromePreferences

Administrative shares are not visible to non-administrative users, and some organizations disable administrative shares or use non-administrative user accounts to scan. If administrative shares are not accessible, JSA Vulnerability Manager might miss vulnerabilities in the products in the preceding list or produce false positives. In general, JSA Vulnerability Manager vulnerability tests use only administrative shares as a last resort, and use registry scans and WMI.