Disable, or plan to disable, SMBv1

SMBv1 is s deprecated protocol, replaced by SMBv2 and SMBv3.

A vulnerability in SMBv1, which was patched in MS17-010, has been exploited by Petya ransomware to propagate itself within a network. Another vulnerability in SMBv1 can crash a server. Microsoft will not be patching this vulnerability.


Learn if you have a dependency upon SMBv1. Windows prior to Vista (including Windows XP) requires SMBv1. A variety of third party products use SMBv1:


Manage SMBv1 using group policies. While a registry modification would work, you want group policy to enforce the change on any systems which may have been missed, any new systems, and any unsupported maintenance.


Additional products may be discovered when Microsoft disables SMBv1 by default on new builds of Windows 10.


Comments are closed.