Microsoft removes SMB1 from Windows 10 by default following Wannacry attack

By: Madeleine Dean
2 minute read

Microsoft recently decided to remove the SMB1 networking protocol from Windows 10 by default. This change is part of the tech giant’s multi-year security plan aimed at reducing the attack surface of the OS.

The first OS version to feature this change is build 16226. However the change only affects clean installations of Windows, and not upgrades.

Here are more details about the removal of SMB1:

  • All Home and Professional editions now have the SMB1 server component uninstalled by default. The SMB1 client remains installed. This means you can connect to devices from Windows 10 using SMB1, but nothing can connect to Windows 10 using SMB1.
  • Microsoft still recommend you uninstall SMB1 even if you are not using it. The company is also considering uninstalling the SMB1 client in a later feature update of Windows 10 if it detect that you are not using it.
  • All Enterprise and Education editions have SMB1 totally uninstalled by default.
  • The removal of SMB1 means the removal of the legacy Computer Browser service.

Quick reminder: What is SMB1?

SMB1 is an application-layer network protocol developed by Microsoft more than 30 years ago. The protocol is mainly used for offering shared access to files, printers, serial ports and other network tools between nodes on a network.

At the time the tech giant created this protocol, the world was a much safer place. As malware appeared, SMB1 became some sort of an Achilles’s heel for computers, making them extremely vulnerable to threats. It is worth mentioning that the SMB1 server software was recently successfully exploited by the WannaCry ransomware.

Microsoft explains that if your clients use SMB1, they become sitting ducks for man-in-the-middle attacks.

[…] if your clients use SMB1, then a man-in-the-middle can tell your client to ignore all the above. All they need to do is block SMB2+ on themselves and answer to your server’s name or IP. Your client will happily derp away on SMB1 and share all its darkest secrets unless you required encryption on that share to prevent SMB1 in the first place. This is not theoretical – we’ve seen it.

If you’re still relying on SMB1, stop using it right now. For more information on how to disable SMB1, follow the instructions available on Microsoft’s support page.

RELATED STORIES YOU NEED TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Discussions

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading