ARCHIVED: About the SMBv1 retirement

This content has been archived, and is no longer maintained by Indiana University. Information here may no longer be accurate, and links may no longer be available or reliable.

On this page:

Overview

On April 7, 2019, Campus Communications Infrastructure (CCI) disabled SMBv1 on the Active Directory Domain controllers.

Server Message Block (SMB) is an application layer network protocol commonly used in Microsoft Windows to provide shared access to files and printers. SMBv1 is the original protocol developed in the 1980s, making it more than 30 years old. More secure and efficient versions of SMB are available today.

Security concerns

The SMBv1 protocol is not safe to use. By using this old protocol, you lose protections such as pre-authentication integrity, secure dialect negotiation, encryption, disabling insecure guest logins, and improved message signing. Microsoft has advised customers to stop using SMBv1 because it is extremely vulnerable and full of known exploits. WannaCry, a well-known ransomware attack, exploited vulnerabilities in the SMBv1 protocol to infect other systems. Because of the security risks, support for SMBv1 has been disabled.

Recommendations

SMBv1 should be disabled on all systems that do not have a business justification to warrant continued use.

For instructions, see:

This is document aumn in the Knowledge Base.
Last modified on 2024-01-16 09:49:07.