Microsoft to Remove SMBv1 Protocol in Next Windows 10 Version (RedStone 3)

The Server Message Block version 1 (SMBv1) — a 30-year-old file sharing protocol which came to light last month after the devastating WannaCry outbreak — will be removed from the upcoming Windows 10 (1709) Redstone 3 Update.

The SMBv1 is one of the internet’s most ancient networking protocols that allows the operating systems and applications to read and write data to a system and a system to request services from a server.

The WannaCry ransomware, which wreaked havoc last month, was also leveraging an NSA’s Windows SMB exploit, dubbed EternalBlue, leaked by the Shadow Brokers in its April data dump.

The WannaCry ransomware menace shut down hospitals, telecommunication providers, and many businesses worldwide, infecting hundreds of thousands of unpatched Windows servers running SMBv1 in more than 150 countries within just 72 hours on 12th of May.

Although Microsoft patched the vulnerability in SMBv1 in March in MS17-010, the company meanwhile strongly advised users to disable the three decades old protocol completely.

And you should disable it completely.

I mean come on, since Windows Vista you have SMBv2 and later SMBv3, and you are continuing to allow the old and horribly insecure SMBv1 protocol to run on your network.

Strange! Because there’s no excuse to continue.

Ned Pyle, the principal program manager for Microsoft’s Windows Server High Availability and Storage division, has also published a blog post this month, enlisting products from other vendors that are still using SMBv1 and begged them to stop using it now.

Read more…

Source: The Hacker News