Microsoft Taking Steps to Deal with Remnants of SMB1 In Upcoming Versions of Windows 10

Microsoft is taken more steps after the recent WannaCrypt Ransomware outbreak to make that attack vector unavailable by default in future versions of Windows 10.

Richard Hay, Senior Content Producer

June 22, 2017

2 Min Read
Microsoft Taking Steps to Deal with Remnants of SMB1 In Upcoming Versions of Windows 10

The attack vector used during the WannaCrypt Ransomware outbreak earlier this year was through a 30 year old Windows protocol called SMB (Server Message Block) Version 1.

Over the course of a multi-year security plan, the company is removing the vulnerable protocol from Windows by changing its default status to not installed during clean installations of future versions of Windows.

Yesterday, when Microsoft released Windows 10 Build 16226, a Redstone 3 development branch build of the Fall Creators Update, they inserted this new behavior into the operating system.

If you perform an upgrade to the upcoming Windows 10 Fall Creators Update when it is released and SMB1 is already installed then it will continue to be available on that system. Clean installs of the Fall Creators Update, expected this September, will keep the protocol uninstalled by default.

These changes will help lower the attack risks through this protocol on Windows in the future.

Here are the specific details of the what this change means moving forward:

-- All Home and Professional editions now have the SMB1 server component uninstalled by default. The SMB1 client remains installed. This means you can connect to devices from Windows 10 using SMB1, but nothing can connect to Windows 10 using SMB1. We still recommend you uninstall SMB1 if you are not using it. In a later feature update of Windows 10, we may uninstall SMB1 client if we detect that you are not using it.

-- All Enterprise and Education editions have SMB1 totally uninstalled by default.

-- The removal of SMB1 means the removal of the legacy Computer Browser service. The Computer Browser depends exclusively on SMB1 and cannot function without it.

You can read more about the removal of SMB1 and also see a list of devices that have been verified to require SMB1 to function properly.

This change means it may be time to move away from that gear and upgrade to more modern methods of handling that functionality. Although longevity in marriage is a good thing it is not the same for an old protocol like this!

----------

But, wait...there's probably more so be sure to follow me on Twitter and Google+.

----------------------------------

Looking for an awesome, no-nonsense technical conference for IT Pros, Devs, and Devops? Check out IT/Dev Connections!

IT/Dev Connections

About the Author

Richard Hay

Senior Content Producer, IT Pro Today (Informa Tech)

I served for 29 plus years in the U.S. Navy and retired as a Master Chief Petty Officer in November 2011. My work background in the Navy was telecommunications related so my hobby of computers fit well with what I did for the Navy. I consider myself a tech geek and enjoy most things in that arena.

My first website – AnotherWin95.com – came online in 1995. Back then I used GeoCities Web Hosting for it and WindowsObserver.com is the result of the work I have done on that site since 1995.

In January 2010 my community contributions were recognized by Microsoft when I received my first Most Valuable Professional (MVP) Award for the Windows Operating System. Since then I have been renewed as a Microsoft MVP each subsequent year since that initial award. I am also a member of the inaugural group of Windows Insider MVPs which began in 2016.

I previously hosted the Observed Tech PODCAST for 10 years and 317 episodes and now host a new podcast called Faith, Tech, and Space. 

I began contributing to Penton Technology websites in January 2015 and in April 2017 I was hired as the Senior Content Producer for Penton Technology which is now Informa Tech. In that role, I contribute to ITPro Today and cover operating systems, enterprise technology, and productivity.

https://twitter.com/winobs

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like