The purpose of the Guest account is to control anonymous access to some OS facilities. If I wanted to allow anonymous access to, say, an SMB share, I'd enable the Guest account,
Enabling the account in changes the behavior of the OS. Guest is a user account, but its enabled/disabled status acts as a flag that says "Hey-- when this account is enabled allow anybody with any credentials to authenticate as this context."
The "FUD" comes from Microsoft's historically bad handling of security and allowing anonymous users unnecessarily broad access, by default, in older versions of the OS. Even though Windows Server 2003 and newer versions of Windows do a much better job with this the community is still a little gun-shy.
To my mind there's nothing wrong with using the OS built-in Guest account for its intended purpose.
Personally I'd tend to be against using anonymous SMB file sharing. I'd export the files you want to share with HTTP or, if they needed to be read/write, WebDAV. I tend to think that writeable folders with anonymous access enabled are irresponsible to host.
Edit:
If you want "Guest" to access a shared folder via SMB in a Windows Server OS's (W2K3 and W2K8 flavors) then you'd want to:
- "Enable" the "Guest" account from "Local User and Groups"
- Add either the "Guest" user or the "Guests" group with the desired permissions (hopefully read-only) to the ACL on the shared folder
The "Users" and "Authenticated Users" built-in groups don't contain "Guest" (though "Everyone" does) so most default folder ACLs won't allow Guest access. I'd add "Guests" explicitly, rather than "Everyone", so that it's visually very clear that I've allowed "Guests" access to this folder. (You don't have to use the group "Guests" but, generally it's better to use groups in permissions rather than individual users. When you're joined to be a domain be aware that "DOMAIN\Domain Guests" is nested into your computer's local "Guests" group, though.)
Best Answer
It’s an answer antivirus vendor can give you, as usualy its a file signature that trigger such detection.
Please note other product are affected by such detection, ‘ike the remote tool AMMY was too flagged as a hack tool
The official answer