Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Won't Patch 20-Yr-Old SMBv1 Vulnerability (You Should Just Turn the Service Off) (onmsft.com)

Posted by msmash on from the security-woes dept.

An anonymous reader shares a news post: Following the recent WannaCry and Petya ransomware attacks, Microsoft recommended all Windows 10 users to remove the unused but vulnerable SMBv1 file sharing protocol from their PCs. This is because both variants of the ransomware actually used the same SMBv1 exploit to replicate through network systems, even though it seems that Petya mostly affected Windows PCs in Ukraine. Anyway, if you haven't turned off the protocol on the PC already, you really should: Not only because new WannaCry/Petya variants could once again use the same vulnerability again to encrypt your files, but because another 20-year-old flaw has just been unveiled during the recent DEF CON hacker conference. The SMB security flaw called "SMBLoris" was discovered by security researchers at RiskSense, who explained that it can lead to DoS attacks affecting every version of the SMB protocol and all versions of Windows since Windows 2000. More importantly, a Raspberry Pi and just 20 lines of Python code are enough to put a Windows server to its knees.

8 of 131 comments (clear)

  1. why was SMB1 still enabled 20 years later? by Anonymous Coward · · Score: 5, Insightful

    Why doesn't Microsoft patch the OS so that SMB1 is disabled entirely? I mean MS already shoves all sorts of crap down your throat anyways, why can't that unshove shit?

  2. So when will HP upgrade? by GerbilSoft · · Score: 5, Interesting

    Most of HP's multi-function printers with Scan To Network only support SMB1. When will they issue a firmware update that adds support for SMB2?

    1. Re:So when will HP upgrade? by OhPlz · · Score: 4, Informative

      This is why you don't buy hardware from HP.

    2. Re:So when will HP upgrade? by AmiMoJo · · Score: 4, Funny

      Also, thanks to TFA for providing instructions on how to disable SMB1.

      Also why the hell does Windows have Super Mario Brothers 1 and 2 built in?!?

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    3. Re:So when will HP upgrade? by Anonymous Coward · · Score: 5, Insightful

      Or operating systems from MS.

  3. Ummmmm Link for how to turn it off? by A10Mechanic · · Score: 5, Informative

    https://support.microsoft.com/...

    1. Re:Ummmmm Link for how to turn it off? by sexconker · · Score: 4, Informative

      Keep in mind there's a server component and a client component (regardless of whether or not you have a "server" OS), and you probably want to disable both.

  4. Microsoft list of SMB1 products by Traf-O-Data-Hater · · Score: 4, Informative

    Agreed, there is a huge lot of older but still functional equipment that only talks SMB1. Microsoft has put together this list, and it surely isn't everything: https://blogs.technet.microsoft.com/filecab/2017/06/01/smb1-product-clearinghouse/