Microsoft won’t patch the SMBv1 vulnerability: turn the service off or upgrade to Windows 10

Costea Lestoc By: Costea Lestoc
2 minute read

Home » News » Microsoft won’t patch the SMBv1 vulnerability: turn the service off or upgrade to Windows 10

After the recent cyber attacks Petya and WannaCry, Microsoft recommended all Windows 10 users to remove the unused but still vulnerable SMBv1 file sharing protocol from their machines to stay safe. Both variants of the ransomware used this particular exploit to replicate through network systems.

Turn off the protocol as an old flaw came up

In case you haven’t turned off the protocol by now, you should consider doing so. For starters, new ransomware variants could strike once again and could use the same vulnerability to encrypt your files. Another reason is the fact that another 20-year-old flaw was just revealed during the recent DEF CON hacker conference.

SMB security flaw called SMBLoris

Security researchers revealed this security flaw at RiskSense and explained that it could lead to DoS attacks affecting every version of the SMB protocol and all versions of Windows since Windows 2000. Spooky, isn’t it? What’s more, a Raspberry Pi and just 20 lines of Python code will be enough to put a Windows server down.

The SMB vulnerability was discovered while analyzing EternalBlue, the leaked SMB exploit that is the source of recent ransomware attacks. Enterprise customers are strongly advised to block access from the internet to SMBv1 to remain safe.

Microsoft is planning to remove SMBv1 entirely from the Windows 10 Fall Creators Update so the whole issue might not be as terrifying as it seems now. But, just to be sure, everyone running older versions of Windows should know that they will remain affected by this issue, and for this reason it is recommended to disable the SMBv1 protocol.



Next up

Fix 0x8007007e Windows Update error like a PRO

Emmanuel Johnson avatar. By: Emmanuel Johnson
2 minute read

The error 0x8007007e usually occurs while trying to download Windows updates. This can be a big problem and leave your system vulnerable and out of […]

Continue Reading

How to run Microsoft Works on Windows 10? [QUICK GUIDE]

Vladimir Popescu avatar. By: Vladimir Popescu
3 minute read

Have you ever tried using MS Works on Windows 10? It might be harder than you think. Even though Works has been discontinued by Microsoft, […]

Continue Reading

Windows Defender can’t scan multiple files in Windows 10 v1903

Alexandru Voiculescu By: Alexandru Voiculescu
2 minute read

Users reported on Reddit that Windows 10 v1903 disabled Windows Defender real-time protection. This is often the case when you installed another antivirus solution on […]

Continue Reading