by mr_mitm
1218 days ago
Just exposing SMB on port 445 by default is a huge issue. The vast majority of systems do not need to provide this service, yet there have been two catastrophic RCE vulnerabilities (MS08-067 and MS17-010) in this service. Also, it's basically like an SSH service for attackers to move laterally within the network. If it's not a file server, domain controller or print server, it should probably be turned off or at least severely restricted for a whitelist of hosts. Next, the NTLMv2 authentication protocol is on by default and vulnerable to relay attacks and offline password guessing attacks. Plus: pass-the-hash vulnerable. Huge problem in corporate networks. I'd argue the broadcast domain name resolution protocols like NBNS or mDNS are unsafe as well. Disclaimer: if you were just talking about Windows on your home desktop PC, then yeah, never mind.