This week, Microsoft released a new build of Windows 10 to Insiders that is removing a legacy networking protocol from the default configuration. SMB1 will no longer be installed with Windows 10, by default, which may have implications for your environment if you are still using the older technology.
SMB1 (Server Message Block) is nearly thirty years old and is not designed for the modern web or operating systems. Despite the fact that this old protocol has had many successors released that are far more secure and offer additional functionality, this protocol is still in use inside some companies around the globe.
By default, Microsoft will no longer be installing SMB1 networking protocol with a clean install of Windows 10. It’s important to note that they are not removing support for the protocol in Windows 10 but this is another step to removing the use of the old technology in Windows. If you are upgrading or need to install the protocol after a clean install, you will still be able to do so but it is not advised as this opens up a new attack vector on your environment.
Microsoft has already made several important changes regarding SMB1 and Windows 10 that are listed below:
- All Home and Professional editions now have the SMB1 server component uninstalled by default. The SMB1 client remains installed. This means you can connect to devices from Windows 10 using SMB1, but nothing can connect to Windows 10 using SMB1. We still recommend you uninstall SMB1 if you are not using it. In a later feature update of
- Windows 10, we may uninstall SMB1 client if we detect that you are not using it.
- All Enterprise and Education editions have SMB1 totally uninstalled by default.
- The removal of SMB1 means the removal of the legacy Computer Browser service. The Computer Browser depends exclusively on SMB1 and cannot function without it.
Considering the age of the protocol, the fact that there are more secure iterations of the same protocol available, and that you are putting yourself and your company at risk by using this feature, there are few reasons to be using SMB1 today. But, if you do find that you need to keep using SMB1, Microsoft has provided a resource page here.