What just happened? Microsoft has confirmed that Windows 11 Dev Channel builds would be released without SMB1 moving forward. The outdated file-sharing protocol, which has been in use for more than 30 years, has undergone several updates to modernize the service and address security vulnerabilities identified along the way. Despite the updates, administrators who still rely on the original protocol have the option to reinstall the feature…at least for now.
Microsoft started deprecating the SMB1 protocol in some versions of Windows 10 and Windows Server several years ago, so the decision to disable the feature should come as no surprise to anyone who manages IT infrastructure. Much of the original push to move away from SMB1 revolves around mitigating potential security vulnerabilities.
In 2016, Microsoft released MS16-114, which identified vulnerabilities in different versions of Windows and Windows Server. The bulletin outlined how attackers could run code and introduce a direct denial of service (DDoS) attack. Write-ups from the Microsoft community dating back to 2016 urged users to move away from the obsolescence protocol. US-CERT also recommended that users and administrators disable the SMB1 service and block associated network traffic over specific ports.
According to Ned Pyle, Principal Program Manager at Microsoft who has consistently provided the community with SMB updates, these latter actions will eventually be followed by the removal of the actual SMB1 binaries from future product releases. Pyle has been one of the major contributors to MS Technet articles and blogs on the subject of SMB1, and has spoken out for years about the need to get rid of it. His previous posts regarding SMB1 replacement pointed to several security vulnerabilities that were fixed by later versions to prevent downgrade attacks, man-in-the-middle (MiTM) attacks, and any vulnerabilities related to system messages and encryption.
Despite lengthy calls to move away from the legacy service, operators of smaller, aging, budget-bound infrastructures have expressed concern about declining support for the protocol. What may be a small cost to larger organizations is a huge roadblock for small businesses and individuals who don’t have the financial or technical resources for full infrastructure updates.
Pyle’s latest blog post has acknowledged that the move could be a pain point for consumers or groups using outdated hardware. The post includes a link to the original SMB1 Product Clearinghouse, which provides a list of vendor products and documentation of known SMB1 requirements. Updates to the list can be submitted to StillNeedsSMB1@microsoft.com or by tweeting at Pyle with hashtag #StillNeedsSMB1.
Image Credit: Windows Key by Tadas Sar
This post Latest Windows Insider Build Brings Microsoft One Step Closer to Disabling SMB1
was original published at “https://www.techspot.com/news/94328-latest-windows-insider-build-brings-microsoft-one-step.html”