Why and how to disable SMB1 on Windows 10/8/7/7

by


Updated April 2024: Stop getting error messages and slow down your system with our optimization tool. Get it now at this link
  1. Download and install the repair tool here.
  2. Let it scan your computer.
  3. The tool will then repair your computer.

Although the security problems in the systems are nowhere new, the confusion caused by the Wannacrypt ransom software has led to immediate action among netizens. Ransomware targets SMB service vulnerabilities in the Windows operating system.

SMB or Server Message Block is a network file sharing protocol for sharing files, printers, etc. between computers. There are three versions: Server Message Block (SMB) Version 1 (SMBv1), SMB Version 2 (SMBv2) and SMB Version 3 (SMBv3). Microsoft recommends you disable SMB1 for security reasons – and it is no more important to do so given the ransom epidemic of WannaCrypt or NotPetya.

Disable SMB1 on Windows

To defend against WannaCrypt ransomware, it is imperative to disable SMB1 and patches published by Microsoft. Let’s take a look at some of the ways to disable SMB1

Switch off SMB1 via system control



April 2024 Update:

You can now prevent PC problems by using this tool, such as protecting you against file loss and malware. Additionally it is a great way to optimize your computer for maximum performance. The program fixes common errors that might occur on Windows systems with ease - no need for hours of troubleshooting when you have the perfect solution at your fingertips:

  • Step 1 : Download PC Repair & Optimizer Tool (Windows 10, 8, 7, XP, Vista – Microsoft Gold Certified).
  • Step 2 : Click “Start Scan” to find Windows registry issues that could be causing PC problems.
  • Step 3 : Click “Repair All” to fix all issues.

download



Open Control Panel > Programs and Features > Enable or Disable Windows Features

In the options list would be an option SMB 1.0/CIFS File Sharing Support. Clear the check box and press OK.

Restart your computer.

Disable SMBv1 with Powershell

Open a PowerShell window in administrator mode, type the following command and press Enter to disable SMB1 :

Set-ItemProperty -path'HKLM: SYSTEMCurrentControlSetServicesLanmanmanServerParameters' SMB1 -type DWORD -value 0 -force

If for any reason you need to temporarily disable SMB version 2 & version 3, use this command :

Set-ItemProperty -path'HKLM:SYSTEMCurrentControlSetServicesLanmanServerParameters' SMB2 -type DWORD -value 0 -Force

It is recommended to deactivate SMB version 1 as it is obsolete and uses technology that is nearly 30 years old.

Microsoft says that if you use SMB1, you lose key protection with later versions of the SMB protocol such as :

  1. Pre-authentication integrity (SMB 3.1.1.1+) – Protects against decommissioning attacks.
  2. Unsecured guest authentication (SMB 3.0+ on Windows 10+) – Protects against MiTM attacks.
  3. Secure Dialogue Negotiation (SMB 3.0, 3.02) – Protects against security degradation attacks.
  4. Better Message Signing (SMB 2.02+) – HMAC SHA-256 replaces MD5, as the hash algorithm in SMB 2.02, SMB 2.1 and AES-CMAC replaces SMB 3.0+. Increased signature performance in SMB2 and 3(14)
  5. (SMB 3.0+) encryption – Prevents data verification on the line, MiTM attacks. In SMB 3.1.1.1, encryption performance is even better than when signing.

If you want to enable them later (not recommended for SMB1), the commands would be as follows :

To enable SMB1:

Set-ItemProperty path'HKLM:SYSTEMCurrentControlSetServicesLanmanServerParameters' SMB1 type DWORD value 1 -Force

To enable SMB2 & SMB3:

Set-ItemProperty path'HKLM : SYSTEMCurrentControlSetServicesLanmanServerParameters' SMB2 Type DWORD Value 1 -Force

Disable SMB1 via Windows registry

You can also customize Windows registry to disable SMB1

Start regedit and navigate to the next registry key :

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesLanmanServerParameter

On the right side, the DWORD SMB1 should not exist or have a value of 0.

The activation and deactivation values are as follows :

      • 0 = Off
      • 1 = On

For additional options and ways to disable SMB protocols on the SMB server and client, see Microsoft.



Expert Tip: This repair tool scans the repositories and replaces corrupt or missing files if none of these methods have worked. It works well in most cases where the problem is due to system corruption. This tool will also optimize your system to maximize performance. It can be downloaded by Clicking Here

Related Video

Post Views: 2,299
Related posts:
  1. Disable Superfetch & Prefetch for SSD in Windows 10/8/7
  2. Automatic activation of Dark Theme in the Settings application under Windows 10
  3. Enable the command prompt via the GPO or Windows registry, disable
  4. How to disable or enable ReFS or Resilient File System under Windows 10