In May 2017 various companies were attacked by a ransomware also termed as WannaCrypt attack. These WannaCrypt attacks used a vulnerability in SMBv1 which is considered as the main reason for the attack to be successful. SMBv1 is a file-sharing protocol which has been used since 1990s for spreading horizontally in a Windows network to other Windows users without even needing those computers to even open any attachments.
Microsoft had already been working from 2014 to deprecate the SMBv1 protocol so as to avoid the risk of further exploits. And Microsoft have now announced that starting from the next iteration of the of Windows 10 i.e. the Fall Creators Update the SMBv1 protocol will removed completely.
According to MSPoweruser, Microsoft’s Ned Pyle, principal programme manager for the company’s Windows Server High Availability and Storage division has confirmed this and said that they are also testing internal insider builds of Windows 10 Enterprise and Windows Server 2016 which will have SMBv1 disabled completely. Pyle has explained that this deprecation will not be reaching the Insider Flights for some time, and it will also not affect the already released production code. But he also said that it is subject to change and none of it can be considered plan of record. Let’s hope MS take all necessary steps to avoid any future attacks.