Microsoft Ditches SMBv1 Protocol in Windows 10 Preview Build

SMBv1, the bane of IT administrators during the WannaCry ransomware outbreak, is disappearing from Windows 10.


Microsoft's latest Windows 10 preview build includes a welcome change for IT professionals who may have lost some sleep over the recent WannaCry ransomware outbreak.

Build number 16226 of the operating system, released to members of the Windows Insider early-access programs in the fast ring this week, finally dispenses with SMB (Server Message Block) version 1 (SMBv1). Last month's far-reaching WannaCry ransomware attack, which continues to grab headlines today, relies on flaws in SMBv1 to infect systems.

As it turns out, Microsoft had been warning IT professionals to disable SMBv1 long before WannaCry hit the scene.

"The original SMB1 protocol is nearly 30 years old, and like much of the software made in the 80's, it was designed for a world that no longer exists," wrote Ned Pyle, principle program manager and one of the "owners" of SMB at Microsoft, in a September 2016 TechNet post, encouraging users to ditch the troublesome technology. That is, "[a] world without malicious actors, without vast sets of important data, without near-universal computer usage."

With Windows 10 build 16226, Microsoft is taking matters into its own hands.

"As part of a multi-year security plan, we are removing the SMB1 networking protocol from Windows by default," said Dona Sarkar, head of the Windows Insider program, in a June 21 announcement. "This build has this change, however the change only affects clean installations of Windows, not upgrades. We are making this change to reduce the attack surface of the OS [operating system]."

As a result, the SMB1 server component has been removed from Windows 10 Home and Professional editions, although the client remains, explained Sarkar. This setup allows the operating system to make connections to devices using the SMBv1 while blocking devices that use the protocol in an attempt to connect to Windows 10.

On upcoming Windows 10 Enterprise and Education editions, SMBv1 will be uninstalled by default, added Sarkar. Computer Browser, a legacy Windows service that relies on SMBv1 for its shared resource browsing and location functionality, is also a goner.

Apart from the enhanced security provided by the removal of SMBv1, Windows 10 build 16226 also includes several new features and enhancements, including new browser tab behavior in Microsoft Edge.

The browser has been updated to ensure that users can always hit the "X" icon to close a tab, even if a JavaScript prompt or dialog sprouts up. Several other browser controls, including the settings pane, are now accessible while JavaScript prompts are visible, preventing websites from keeping visitors captive until the prompts are dismissed or the browser is closed.

For gamers and PC hardware enthusiasts, Microsoft has added GPU (graphics processing unit) stats to the Task Manager's performance tab. Users can now find information on graphics memory usage, video encoding performance and other utilization stats.

To help make Hyper-V virtual machines (VM) easier to manage, the company has added a VM Sharing feature, Sarkar announced. Clicking the new Virtual Machine Connection icon compresses a VM into a .vmcz file. After transferring the file to a destination machine, users can import a VM by simply double-clicking on the file.

Pedro Hernandez

Pedro Hernandez

Pedro Hernandez is a contributor to eWEEK and the IT Business Edge Network, the network for technology professionals. Previously, he served as a managing editor for the network of...