Microsoft is killing off SMBv1 in Windows 10 to thwart the likes of WannaCry
From the fall, Microsoft is disabling SMBv1 in Windows 10. With the release of Windows 10 Fall Creators Update (or Redstone 3 if you prefer), the protocol that was exploited by the WannaCry ransomware will be no more.
The file sharing protocol was developed by Microsoft over two decades ago, and the company recognizes that the time has come for it to be retired. Internal builds of Windows 10 being tested by Microsoft already have SMBv1 disabled, and similar builds will make their way to Windows Insiders and the wider public in due course.
The chances are however, that you will not notice anything different. The reason for this is that while Microsoft is killing off SMBv1, the change will only affect clean installations. If you just perform an in-place upgrade to Windows 10 Fall Creators Update, the protocol will still be present, Microsoft confirmed to Bleeping Computer.
Microsoft's Ned Pyle explains that while security was a key consideration when deciding to sideline SMBv1, it was not the only factor:
It's the main, but not the only. Besides security, the code itself was superseded by SMB2 and later for functionality; SMB1 brings no special value except ubiquity -- SMB2 can do what SMB1 can, plus many other things.
2.02 is the version that ships with Windows Server 2008, which is the oldest supported OS in the Windows/Windows Server stable currently. That makes it the minimum recommended.
We prefer that everyone run SMB 3.1.1 as a minimum, as it is the most secure and has the most functionality. SMB1 is deprecated, meaning it is effectively abandoned except for security updates.
While SMBv1 will remain enabled on machines that are upgraded to Windows 10 Fall Creators Update, it can be disabled using these steps.
Image credit: Goran Bogicevic / Shutterstock