Updated December 2023: Stop getting error messages and slow down your system with our optimization tool. Get it now at this link
- Download and install the repair tool here.
- Let it scan your computer.
- The tool will then repair your computer.
Although the security problems in the systems are nowhere new, the confusion caused by the Wannacrypt ransom software has led to immediate action among netizens. Ransomware targets SMB service vulnerabilities in the Windows operating system.
SMB or Server Message Block is a network file sharing protocol for sharing files, printers, etc. between computers. There are three versions: Server Message Block (SMB) Version 1 (SMBv1), SMB Version 2 (SMBv2) and SMB Version 3 (SMBv3). Microsoft recommends you disable SMB1 for security reasons – and it is no more important to do so given the ransom epidemic of WannaCrypt or NotPetya.
Disable SMB1 on Windows
To defend against WannaCrypt ransomware, it is imperative to disable SMB1 and patches published by Microsoft. Let’s take a look at some of the ways to disable SMB1
Switch off SMB1 via system control
Open Control Panel > Programs and Features > Enable or Disable Windows Features
In the options list would be an option SMB 1.0/CIFS File Sharing Support. Clear the check box and press OK.
Restart your computer.
Disable SMBv1 with Powershell
Open a PowerShell window in administrator mode, type the following command and press Enter to disable SMB1 :
Set-ItemProperty -path'HKLM: SYSTEMCurrentControlSetServicesLanmanmanServerParameters' SMB1 -type DWORD -value 0 -force
If for any reason you need to temporarily disable SMB version 2 & version 3, use this command :
Set-ItemProperty -path'HKLM:SYSTEMCurrentControlSetServicesLanmanServerParameters' SMB2 -type DWORD -value 0 -Force
It is recommended to deactivate SMB version 1 as it is obsolete and uses technology that is nearly 30 years old.
Microsoft says that if you use SMB1, you lose key protection with later versions of the SMB protocol such as :
- Pre-authentication integrity (SMB 184.108.40.206+) – Protects against decommissioning attacks.
- Unsecured guest authentication (SMB 3.0+ on Windows 10+) – Protects against MiTM attacks.
- Secure Dialogue Negotiation (SMB 3.0, 3.02) – Protects against security degradation attacks.
- Better Message Signing (SMB 2.02+) – HMAC SHA-256 replaces MD5, as the hash algorithm in SMB 2.02, SMB 2.1 and AES-CMAC replaces SMB 3.0+. Increased signature performance in SMB2 and 3(14)
- (SMB 3.0+) encryption – Prevents data verification on the line, MiTM attacks. In SMB 220.127.116.11, encryption performance is even better than when signing.
If you want to enable them later (not recommended for SMB1), the commands would be as follows :
To enable SMB1:
Set-ItemProperty path'HKLM:SYSTEMCurrentControlSetServicesLanmanServerParameters' SMB1 type DWORD value 1 -Force
To enable SMB2 & SMB3:
Set-ItemProperty path'HKLM : SYSTEMCurrentControlSetServicesLanmanServerParameters' SMB2 Type DWORD Value 1 -Force
Disable SMB1 via Windows registry
You can also customize Windows registry to disable SMB1
Start regedit and navigate to the next registry key :
On the right side, the DWORD SMB1 should not exist or have a value of 0.
The activation and deactivation values are as follows :
- 0 = Off
- 1 = On
For additional options and ways to disable SMB protocols on the SMB server and client, see Microsoft.
Expert Tip: This repair tool scans the repositories and replaces corrupt or missing files if none of these methods have worked. It works well in most cases where the problem is due to system corruption. This tool will also optimize your system to maximize performance. It can be downloaded by Clicking Here