Information
Maintains an updated list of computers on the network and supplies this list to computers designated as browsers.
The recommended state for this setting is: Disabled or Not Installed
Note: In Windows 8.1 and Windows 10, this service is bundled with the
SMB 1.0/CIFS File Sharing Support
optional feature. As a result, removing that feature (highly recommended unless backward compatibility is needed to XP/2003 and older Windows OSes - see
Stop using SMB1 | Storage at Microsoft
) will also remediate this recommendation. The feature is not installed by default starting with Windows 10 R1709.
This is a legacy service - its sole purpose is to maintain a list of computers and their network shares in the environment (i.e. 'Network Neighborhood'). If enabled, it generates a lot of unnecessary traffic, including 'elections' to see who gets to be the 'master browser'. This noisy traffic could also aid malicious attackers in discovering online machines, because the service also allows anyone to 'browse' for shared resources without any authentication. This service used to be running by default in older Windows versions (e.g. Windows XP), but today it only remains for backward compatibility for very old software that requires it.
Solution
To establish the recommended configuration via GP, set the following UI path to: Disabled or ensure the service is not installed.
Computer Configuration\Policies\Windows Settings\Security Settings\System Services\Computer Browser
Impact:
The list of computers and their shares on the network will not be updated or maintained.