Slashdot Mirror


Microsoft Won't Patch 20-Yr-Old SMBv1 Vulnerability (You Should Just Turn the Service Off) (onmsft.com)

An anonymous reader shares a news post: Following the recent WannaCry and Petya ransomware attacks, Microsoft recommended that all Windows 10 users remove the unused but vulnerable SMBv1 file sharing protocol from their PCs. This is because both variants of the ransomware actually used the same SMBv1 exploit to replicate through network systems, even though it seems that Petya mostly affected Windows PCs in Ukraine. Anyway, if you haven't turned off the protocol on the PC already, you really should: not only because new WannaCry/Petya variants could once again use the same vulnerability to encrypt your files, but because another 20-year-old flaw has just been unveiled during the recent DEF CON hacker conference. The SMB security flaw called "SMBLoris" was discovered by security researchers at RiskSense, who explained that it can lead to DoS attacks affecting every version of the SMB protocol and all versions of Windows since Windows 2000. More importantly, a Raspberry Pi and just 20 lines of Python code are enough to bring a Windows server to its knees.

7 of 131 comments

  1. Re:So when will HP upgrade? by OhPlz · · Score: 4, Informative

    This is why you don't buy hardware from HP.

  2. Ummmmm Link for how to turn it off? by A10Mechanic · · Score: 5, Informative
    1. Re:Ummmmm Link for how to turn it off? by sexconker · · Score: 4, Informative

      Keep in mind there's a server component and a client component (regardless of whether or not you have a "server" OS), and you probably want to disable both.
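
Added example (editor's code, not from the article, Microsoft, or any commenter): PowerShell that answers the "how do I turn it off" question above. It first reports whether SMBv1 is installed and whether any current session is still negotiating an SMB1 dialect, optionally turns on Microsoft's SMB1 access audit so you can see which machines still depend on it before removing it (several comments further down mention equipment that only talks SMB1), and then removes both the server and the client component, as sexconker points out you must. The cmdlets, registry key, service names, audit log name and event ID are Microsoft's; the wrapper function names are mine. The `AuditSmb1Access` switch only exists on Windows 10 1709 / Server 2016 1709 and later, so the script checks for it. One caveat the summary itself supports: SMBLoris affects every SMB version, so removing SMBv1 closes the EternalBlue-style wormable hole but does not address SMBLoris; keep TCP 445 unreachable from untrusted networks regardless.

```powershell
#Requires -RunAsAdministrator
# Added example (not the article's or Microsoft's code): inventory, audit and
# remove SMBv1 on Windows. Function names are the author's; every cmdlet,
# registry path, service name, log name and event ID is Microsoft's.

function Get-Smb1Status {
    # On Windows 10 / Server 2016+ the SMB1Protocol optional feature carries both
    # the server binding and the mrxsmb10 client redirector.
    $feature = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
    $server  = Get-SmbServerConfiguration
    [pscustomobject]@{
        Smb1Feature        = $feature.State             # Enabled / Disabled
        ServerAcceptsSmb1  = $server.EnableSMB1Protocol
        # Sessions negotiated at dialect 1.x are SMB1 clients talking to this box.
        ActiveSmb1Sessions = @(Get-SmbSession -ErrorAction SilentlyContinue |
                               Where-Object { "$($_.Dialect)" -like '1.*' } |
                               Select-Object ClientComputerName, ClientUserName, Dialect)
    }
}

function Enable-Smb1Audit {
    # Newer builds log each SMB1 access to Microsoft-Windows-SMBServer/Audit as
    # event 3000, naming the client. Run this for a while on a file server before
    # disabling, so legacy devices (scanners, NAS boxes, old OS X clients) show up.
    $params = (Get-Command Set-SmbServerConfiguration).Parameters
    if (-not $params.ContainsKey('AuditSmb1Access')) {
        Write-Warning 'This build cannot audit SMB1 access; rely on Get-SmbSession dialects instead.'
        return
    }
    Set-SmbServerConfiguration -AuditSmb1Access $true -Force
}

function Get-Smb1AuditEvents {
    param([int]$Days = 7)
    # Each event 3000 message contains the address of a client that negotiated SMB1.
    Get-WinEvent -FilterHashtable @{
        LogName   = 'Microsoft-Windows-SMBServer/Audit'
        Id        = 3000
        StartTime = (Get-Date).AddDays(-$Days)
    } -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Message
}

function Disable-Smb1 {
    # Windows 10 / Server 2016 and later.
    # 1. Stop the server from accepting SMB1 right away (no reboot needed).
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
    # 2. Remove the feature, which takes out the server binding AND the
    #    mrxsmb10 client driver. A reboot completes the removal.
    Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart
}

function Disable-Smb1Legacy {
    # Windows 7 / 8.1 / Server 2008 R2 / 2012 R2 have no SMB1Protocol feature.
    # Server side: registry switch read by the LanmanServer service.
    Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters' `
        -Name SMB1 -Type DWord -Value 0 -Force
    # Client side: drop the SMB1 redirector from the workstation service's
    # dependencies and stop it from starting. Reboot afterwards.
    sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi
    sc.exe config mrxsmb10 start= disabled
}

# Look before you leap: who is still on SMB1 right now?
Get-Smb1Status | Format-List

# Then, on a server with legacy clients, audit for a week and review:
#   Enable-Smb1Audit
#   Get-Smb1AuditEvents -Days 7 | Format-Table -Wrap
# and once nothing you care about shows up:
#   Disable-Smb1          # Windows 10 / Server 2016+
#   Disable-Smb1Legacy    # Windows 7 / 8.1 / 2008 R2 / 2012 R2
```

The status and audit steps are the part worth keeping even if you already know the disable command: SMBv1 has been on by default for so long that the breakage usually comes from a device nobody remembered, and the audit log tells you which one before users do.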

  3. Re:People still USE SMBv1 by BronsCon · · Score: 3, Informative

    The SMB1 protocol is vulnerable. An implementation lacking the vulnerability would be incomplete and, likely, nonfunctional.

    --
    APK quotes people (including myself) without context and should not be trusted. Just thought you should know.

  4. Re:why was SMB1 still enabled 20 years later? by suutar · · Score: 3, Informative

    Planned for Windows 10 Fall Creators Update, according to TFA

  5. Microsoft list of SMB1 products by Traf-O-Data-Hater · · Score: 4, Informative

    Agreed, there is a huge lot of older but still functional equipment that only talks SMB1. Microsoft has put together this list, and it surely isn't everything: https://blogs.technet.microsoft.com/filecab/2017/06/01/smb1-product-clearinghouse/

  6. Stuck supporting it because of OS X. by aaarrrgggh · · Score: 3, Informative

    OS X still has such a miserable SMB client that we are stuck with SMB1/CIFS to maintain some semblance of reliability and speed.