Microsoft to disable SMBv1 in Windows 10 Redstone 3 update

June 19, 2017 // 10:56 a.m.

Tags: #fall-creators-update #ned-pyle #redstone-3 #security #server-message-blocks #smb #smbv1 #wannacry #wannacrypt #windows #windows-10

Microsoft has confirmed that it is to begin disabling the original Server Message Blocks (SMB) protocol in 'most' variants of Windows, as a means of protecting users against the security issues that brought us the WannaCry ransomware.

Launched in early May, the WannaCry ransomware used a vulnerability in the SMBv1 file-sharing protocol discovered and exploited by the US National Security Agency to attack hundreds of thousands of systems around the globe - including systems in several NHS facilities in the UK. While Microsoft has since issued a patch for all affected Windows releases, including the long-out-of-official-support Windows XP, the company has confirmed it is looking to go still further by officially disabling SMBv1 support across most Windows releases.

Speaking to Bleeping Computer, Microsoft's Ned Pyle, principle programme manager for the company's Windows Server High Availability and Storage division, announced that a decision to deprecate SMBv1 made five years ago and announced in 2014 now has a deadline: the release of the Windows 10 Fall Creators Update, also known as Windows 10 Redstone 3, and scheduled for October or November this year.

'This will not reach Insider Flights for some time, and it does not affect released production code at all yet,' Pyle explained, while confirming that Microsoft has been testing builds of Windows 10 Enterprise and Windows Server 2016 with SMBv1 disabled internally. 'It is likely to evolve several times inside Flights. All of this is subject to change and none of it can be considered plan of record. This is just early guidance.'

The change will not, however, affect existing systems under Microsoft's current release plan: 'This is not patching, nor upgrading,' Pyle told the site, 'this is a clean install [of] RS3 [Windows 10 Redstone 3.' As a result, anyone running an existing Windows system with SMB file sharing active would need to manually disable SMBv1 even following the update's public release, while those performing a fresh installation from media featuring the Redstone 3 update will have it disabled by default.

WEEK IN REVIEW

TOP STORIES

SUGGESTED FOR YOU