Microsoft will turn off SMBv1 in Windows Starting this fall

Microsoft is currently building Windows versions, in which SMBv1, a file sharing protocol developed in the early 90s, will be disabled. The company has disabled SMBv1 for internal builds of Windows 10 Enterprise and Windows Server 2016. These builds are not released to the public and can only be used for testing purposes.

"This will not be available on Insider Flights for a while and will not affect released products," Ned Pyle, Program Manager at Microsoft Windows Server High Availability and Storage team, confirmed with Bleeping Computer via email. There is no detailed information yet because Microsoft is still in the early stages of deciding the action plan. "There may be a few changes in Flight. All will change and will not be recorded. This is just an initial guide," Pyle said.

Decisions many years ago WannaCry

Over the past few months, SMBv1 has become the brightest point ever. The hacker group Shadow Brokers leaked hack tools based on exploiting SMBv1's security flaws. Some people even use these vulnerabilities to create ransomware called WannaCry in the world. Although this is a large-scale attack, it is actually decided to disable SMBv1 that has been released before.

Microsoft will turn off SMBv1 in Windows Starting this fall Picture 1
WannaCry exploits SMBv1 to attack extortion

Pyle said, "Since 5 years ago. We made a public decision in 2014 without saying a specific date." Now that day has arrived, that is when Windows 10 Redstone 3 is released, or Fall Creator Update will be released in October or 11/2017. After this date, the Windows 10 or Windows Server 2016 versions you install will no longer have part or all of SMBv1. "This is not patching or updating, it is a clean RS3 installation process," Pyle said.

This means that Microsoft's decision will not affect installed Windows versions, where SMBv1 is still an important part of the system. Users who want to remove SMBv1 will have to manually disable or install Redstone 3.

Pyle also does not exclude the situation that MIcrosoft changes during the upgrade process, allowing to disable SMBv1 when users upgrade their old OS to Windows or newer versions of Insider Build.

Confidential is the main reason for removing SMBv1

Even if WannaCry is not the main reason Microsoft removed SMBv1, the protocol's security issue is still worrying and the company makes the decision. "It is the main but not the only cause," Pyle told Bleeping Computer, "besides security, itself was replaced by SMBv2, SMBv1 no longer has a special value except for the popularity. SMBv2 can do things SMBv1 can ".

"At this point, SMBv2.02 is the version that is used on Windows Server 2008, the oldest OS supported in the Stable versions of Windows / Windows Server. That makes SMBv1 less recommended."

"We think most people should use SMB 3.1.1 minimum because it's safe and the most feature-rich," Pyle said. Over the years, Pyle has been one of the people who supports the most active SMBv1 removal. Recently, he made a list of products that require SMBv1 as a minimum requirement, so that users can avoid it. Users interested in SMBv1 can visit the Microsoft support page.